Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Uninstall programs wont open


  • This topic is locked This topic is locked
26 replies to this topic

#1 Aceshigh24

Aceshigh24

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 08 October 2012 - 04:40 PM

My girlfriend decided it would be a great idea to download "Call me maybe" on my computer without my knowledge and now when i open up a web page it immediately takes me to a "Babylon Search" page instead of my Google homepage. Also i can no longer open "Uninstall programs" inside of the control panel and it sounds like i have some sort of virus on my computer now curtsey of her downloading this song.

Any suggestions out there on how i can remove this babylon search/virus?

Edited by hamluis, 08 October 2012 - 08:02 PM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:10 PM

Posted 08 October 2012 - 05:47 PM

Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/


Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE


Run a scan with Eset.
http://www.eset.com/us/online-scanner/
When the scan finish list found threats save to clipboard copy to notepad Post the log here.




Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Download Norman Malware Cleaner Run it Go to options then put a tick next to Enable rootkit cleaning. Hit the Full Scan>>>>>>>>Let it finish>>>>>>>>Go to the quarantine Tab>>>>>>> Tick the Select All>>>>>Then the Delete>>>>>>Quit
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop post that here in your next reply.


REBoot after Norman.

Edited by InadequateInfirmity, 08 October 2012 - 08:12 PM.
PM sent re reporting topics for action - Hamluis.


#3 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 08 October 2012 - 06:04 PM

Holy cow, this is my first time on this site so forgive me for putting this in the wrong thread. Also thank you for this information i will check it out when i get home with my computer.


Thank you so much.

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:10 PM

Posted 08 October 2012 - 06:08 PM

:thumbup2:

No problem just post the logs as soon as you can.

#5 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 09 October 2012 - 06:45 PM

"""Update"""

Still in the process of doing all of this. I will post when everything is complete.

#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:10 PM

Posted 09 October 2012 - 07:10 PM

:thumbup2:

#7 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 10 October 2012 - 12:44 AM

Here are my results from the FarbarServiceScanner:


Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit



Here are my results from MINITOOLBOX:


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0
========================= IP Configuration: ================================

NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter = Wireless Network Connection (Connected)
Intel® 82566DC Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Mike-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : socal.rr.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : socal.rr.com
Description . . . . . . . . . . . : NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter
Physical Address. . . . . . . . . : 00-14-6C-66-2C-E9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::98bb:6c04:3216:f25e%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 09, 2012 7:38:07 AM
Lease Expires . . . . . . . . . . : Wednesday, October 10, 2012 7:38:06 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234886252
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-6B-19-A7-00-19-D1-22-F9-88
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82566DC Gigabit Network Connection
Physical Address. . . . . . . . . : 00-19-D1-22-F9-88
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:188b:6a3:3f57:fe98(Preferred)
Link-local IPv6 Address . . . . . : fe80::188b:6a3:3f57:fe98%8(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{F9BDA046-3DE5-4751-8489-54FE68A9AF82}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : socal.rr.com
Description . . . . . . . . . . . : isatap.socal.rr.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4007:801::1005
74.125.224.227
74.125.224.228
74.125.224.229
74.125.224.230
74.125.224.231
74.125.224.232
74.125.224.233
74.125.224.238
74.125.224.224
74.125.224.225
74.125.224.226



Pinging google.com [74.125.239.8] with 32 bytes of data:

Reply from 74.125.239.8: bytes=32 time=15ms TTL=54

Reply from 74.125.239.8: bytes=32 time=15ms TTL=54



Ping statistics for 74.125.239.8:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 15ms, Maximum = 15ms, Average = 15ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=97ms TTL=47

Reply from 98.138.253.109: bytes=32 time=127ms TTL=47



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 97ms, Maximum = 127ms, Average = 112ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
10 ...00 14 6c 66 2c e9 ...... NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter
9 ...00 19 d1 22 f9 88 ...... Intel® 82566DC Gigabit Network Connection
1 ........................... Software Loopback Interface 1
8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
16 ...00 00 00 00 00 00 00 e0 isatap.{F9BDA046-3DE5-4751-8489-54FE68A9AF82}
11 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17 ...00 00 00 00 00 00 00 e0 isatap.socal.rr.com
14 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
18 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 286
192.168.1.103 255.255.255.255 On-link 192.168.1.103 286
192.168.1.255 255.255.255.255 On-link 192.168.1.103 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
8 18 ::/0 On-link
1 306 ::1/128 On-link
8 18 2001::/32 On-link
8 266 2001:0:9d38:6ab8:188b:6a3:3f57:fe98/128
On-link
10 286 fe80::/64 On-link
8 266 fe80::/64 On-link
8 266 fe80::188b:6a3:3f57:fe98/128
On-link
10 286 fe80::98bb:6c04:3216:f25e/128
On-link
1 306 ff00::/8 On-link
8 266 ff00::/8 On-link
10 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/09/2012 07:34:48 AM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.

Details:
Class not registered
(0x80040154)

Error: (10/09/2012 07:34:47 AM) (Source: Windows Search Service) (User: )
Description: The protocol handler Search.CscHandler.1 cannot be loaded. Error description: Class not registered
.

Error: (10/09/2012 02:00:08 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 800700C1

Error: (10/08/2012 07:00:01 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 800700C1

Error: (10/07/2012 00:00:01 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 800700C1

Error: (10/06/2012 05:00:01 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 800700C1

Error: (10/06/2012 00:33:58 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 800700C1

Error: (10/05/2012 03:00:01 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 800700C1

Error: (10/04/2012 08:00:01 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 800700C1

Error: (10/03/2012 01:00:01 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 800700C1


System errors:
=============
Error: (10/09/2012 07:38:28 AM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (10/09/2012 07:37:42 AM) (Source: Application Popup) (User: )
Description: Driver DLACDBHM.SYS has been blocked from loading.

Error: (10/09/2012 07:38:03 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:35:28 AM on 10/9/2012 was unexpected.

Error: (10/09/2012 00:12:41 AM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (10/09/2012 00:12:08 AM) (Source: Application Popup) (User: )
Description: Driver DLACDBHM.SYS has been blocked from loading.

Error: (10/08/2012 11:52:34 PM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (10/08/2012 11:51:44 PM) (Source: Application Popup) (User: )
Description: Driver DLACDBHM.SYS has been blocked from loading.

Error: (10/08/2012 08:57:03 PM) (Source: Service Control Manager) (User: )
Description: 30000SysMain

Error: (10/08/2012 08:56:34 PM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks

Error: (09/30/2012 10:17:31 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.


Microsoft Office Sessions:
=========================
Error: (10/09/2012 07:34:48 AM) (Source: Windows Search Service)(User: )
Description: Details:
Class not registered
(0x80040154)

Error: (10/09/2012 07:34:47 AM) (Source: Windows Search Service)(User: )
Description: Search.CscHandler.1Class not registered

Error: (10/09/2012 02:00:08 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 800700C1

Error: (10/08/2012 07:00:01 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 800700C1

Error: (10/07/2012 00:00:01 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 800700C1

Error: (10/06/2012 05:00:01 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 800700C1

Error: (10/06/2012 00:33:58 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 800700C1

Error: (10/05/2012 03:00:01 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 800700C1

Error: (10/04/2012 08:00:01 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 800700C1

Error: (10/03/2012 01:00:01 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 800700C1


=========================== Installed Programs ============================

3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AIM for Windows
Amazon Games & Software Downloader (Version: 2.0.2.0)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Auslogics Disk Defrag (Version: version 3.3)
BabylonObjectInstaller (Version: 2.0.0.2)
Bejeweled 2 Deluxe 1.0
Bonjour (Version: 3.0.0.10)
Bowl Bound College Football
Bowl Bound College Football Update 1.11
Caribbean Explorer 1.0.0.9
CCleaner (Version: 3.19)
CDDRV_Installer (Version: 4.60)
Chuzzle Deluxe 1.0
Conexant D850 PCI V.92 Modem
Dell System Customization Wizard (Version: 1.00.0000)
DellSupport (Version: 6.0.3030)
Digital Line Detect (Version: 1.20)
DivX Content Uploader (Version: 1.2.1)
DivX Web Player (Version: 1.3.1)
Documentation & Support Launcher (Version: 1.00.0000)
Download Updater (AOL LLC)
Draft Day Sports: College Basketball 2
Draft Day Sports: College Basketball 2 1.6 (Version: 1.5)
Draft Day Sports: Pro Basketball 2
EarthLink Setup Files (Version: 2005.2.178.0.2.2)
ESET Online Scanner v3
Fast Break Basketball
Fast Break College Basketball 2010
FlipShare (Version: 5.0.5.52727)
Football Manager 2011 (Version: 11.1.1.0)
Front Office Football 2007 (Version: 6.3.1)
Full Tilt Poker (Version: 4.17.11.WIN.FullTilt.Real)
Games, Music, & Photos Launcher (Version: 1.00.0000)
Google Chrome (Version: 22.0.1229.92)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Intel® Matrix Storage Manager
Intel® Viiv™ Software (Version: 1.6.429.0)
Internet Service Offers Launcher (Version: 1.00.0000)
iPod for Windows 2005-06-26 (Version: 3.8.0)
iTunes (Version: 10.6.3.25)
J2SE Runtime Environment 5.0 Update 4 (Version: 1.5.0.40)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
Jump Shot Basketball version 5.7 (Version: 5.7)
KhalInstallWrapper (Version: 2.00.0000)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5)
Logitech Desktop Messenger (Version: 2.01.02)
Logitech SetPoint (Version: 4.80)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.05.0818)
Modem Diagnostic Tool (Version: 1.0.17.8)
Move Media Player
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NCAA 2011 MOD
NCAA 2011 Update 1
NetWaiting (Version: 2.5.41)
NHL Eastside Hockey Manager 2007 (Version: 3.0.0)
Norton AntiVirus (Version: 19.7.1.5)
NVIDIA Drivers (Version: 1.3)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Out of the Park Baseball 13 (Version: 13)
Out of the Park Baseball 6
Out of the Park Baseball 6.51a
Professional Football Simulator (Version: 1.1.97)
QuickTime (Version: 7.71.80.42)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Drag-to-Disc (Version: 9.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio MyDVD DE (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
SigmaTel Audio (Version: 5.10.5003.0)
Sonic Activation Module (Version: 1.0)
SUPERAntiSpyware (Version: 5.6.1010)
TeamViewer 7 (Version: 7.0.14563)
The College Years
Total Pro Golf 2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
URL Assistant
User's Guides
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WinRAR archiver
WMMA3

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3069.03 MB
Available physical RAM: 1837.48 MB
Total Pagefile: 6345.07 MB
Available Pagefile: 5108.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.26 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:116.05 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.86 GB) NTFS
3 Drive e: (Lost Secrets 4PK) (CDROM) (Total:0.34 GB) (Free:0 GB) CDFS


Here are my results from Adware Cleaner:




***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Mike\AppData\LocalLow\Viewpoint
Folder Deleted : C:\Users\Mike\AppData\LocalLow\Zynga
Folder Deleted : C:\Users\Mike\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\prefs.js

C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\user.js ... Deleted !

Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112555&tt=220512_53ctrl");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "2a672bf600000000000000146c662ce9");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "2a672bf600000000000000146c662ce9");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15493");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112555&tt=22051[...]
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1716:03:01");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=112555&tt=220512_53ctrl&babsrc=KW_ss&mntr[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.34] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Deleted [l.37] : keyword = "babylon.com",
Deleted [l.40] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&tt=220512_53ctrl&babsrc=SP_crm",

*************************



Here are my results from Norman Malware Cleaner:




Norman Malware Cleaner v2.05.06
Copyright © 1990 - 2012, Norman ASA.

Norman Scanner Engine Version: 6.08.06
nvcbin.def: Version: 6.08.00, Date: 2012/10/08 22:28:00, Variants: 18854616
nvcmacro.def: Version: 6.08.00, Date: 2011/12/19 02:20:35, Variants: 20465

Operating System: Windows Vista Service Pack 2

Switches: /iagree /cleanrootkit /nosb

Scan started: 2012/10/09 08:09:30

Running pre-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Scanning system for active rootkit activity...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Scanning running processes and process memory...

Number of objects found: 2596
Number of objects scanned: 2596
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 3m 12s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running full scan...
C:\Boot\BCD: Error opening file for read: 0x00000020
C:\Boot\BCD.LOG: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\chandir.dat: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\chandir.idx: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\chn.dat: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\chn.idx: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\D0000000.FCS: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\L0000044.FCS: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs.dat: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs.idx: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs_die.dat: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs_die.idx: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs_dnd.dat: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs_dnd.idx: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs_ext.dat: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs_ext.idx: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs_rcv.dat: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\prs_rcv.idx: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\storydb.dat: Error opening file for read: 0x00000020
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Mike\Data\storydb.idx: Error opening file for read: 0x00000020
C:\ProgramData\AOL Downloads\triton_suite_install\6.1.32.1\ocpinst.exe: File infected with Suspicious_Gen2.BNVBU
Delete file: C:\ProgramData\AOL Downloads\triton_suite_install\6.1.32.1\ocpinst.exe
Cleaning successful
C:\ProgramData\AOL Downloads\triton_suite_install\6.1.41.2\migrator.exe: File infected with W32/Suspicious_Gen2.ATVLM
Delete file: C:\ProgramData\AOL Downloads\triton_suite_install\6.1.41.2\migrator.exe
Cleaning successful
C:\ProgramData\AOL Downloads\triton_suite_install\6.1.41.2\ocpinst.exe: File infected with Suspicious_Gen2.BNVBU
Delete file: C:\ProgramData\AOL Downloads\triton_suite_install\6.1.41.2\ocpinst.exe
Cleaning successful
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Error opening file for read: 0x00000020
C:\ProgramData\Norton\00000082\00000119\0000057c\cltLMS1.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\00000082\00000119\0000057c\cltLMS2.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\ccGEvt\Global\LM2.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\ccGLog\ccGenericLog.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\ccJobMgr\JobMgr.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\ccJobMgr\JobMgr.dat.log: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\ccSetMgr\f3e77630-309c-4148-bbc2-5bb839273bad.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\ccSetMgr\settings_19.7.1.5.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\ccSetMgr\Volatile.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\ccSetMgr\Volatile.dat.log: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\EMPxyOpt.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\SBSDKEng.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\_lck\_AVPAPP_{BB639333-810A-4bf8-85F5-C537857F55FC}1: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\_lck\_ISDATAPR_{E8EFD4CD-DE52-4444-9511-EFF3B158724B}1: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\_lck\_ISDATAPR_{FF9AC67A-E394-46ae-B150-B3365343F166}G: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\_lck\_NPC.Tray.{1AFE47BB-FCF1-4096-9039-1FEBC9A0CCCF}1: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\_lck\_RDRPluginG: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\_lck\_SNDPluginG: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\_lck\_SvcMgr-A2B50D70-5EA1-45a0-A983-0DB9E7101676G: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\CmnClnt\_lck\_UI.Host.{1AFE47BB-FCF1-4096-9039-1FEBC9A0CCCF}1: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Connections\connectn.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\diStRptr\diStRptr.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\diStRptr\diStRptr.dat.log: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{05DD78B7-77A1-4393-888E-D8EC961A3B19}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{0693F93A-DEFD-22EE-B444-87D156D89593}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{2F090208-20DC-42f0-BBD8-B68B472F7215}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{511C2222-DEFD-22EE-B154-4A6A546B9793}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{591D2F72-6BF6-4E6D-AEE1-2C53200DE57E}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{591D2F72-BEEF-4E6D-AEE1-2C53200DE57E}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{5B2B85BE-2999-486f-87D2-CEFAEA5984A2}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{5BD0D294-A689-4606-B58C-47A511ED1C14}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{5BD0D294-BEEF-4606-B58C-47A511ED1C14}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{5DE264E3-CED0-4cee-B206-6D287630A7B9}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{65190544-26C3-43a4-A78A-694964901607}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{69EDD4E1-116E-4773-A0AC-C59945720C2A}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{6A585666-3EAE-44c3-8821-711CCE3F2873}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{6C76977D-A5FD-452b-AAAF-51799B8EA9B4}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{6C817099-B8B4-4137-A53F-68B7EA75EC55}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{6E3396BD-C6A6-4f0f-9254-267F9058FEC4}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{70623C4D-9D8A-4025-91D1-3307B948E7DD}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{70623C4D-BEEF-4025-91D1-3307B948E7DD}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{89E020E9-BE3E-40cc-9C00-66A3FBA23106}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{93545EED-DE0A-4efa-B44D-68C5CBF1D4F7}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{98A25227-3754-475b-B325-D658972C6E98}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{9F920DB1-1600-4bba-817B-A4F33B0607D1}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{A96E24EE-101F-4f7f-887C-30680DCFF3E4}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{D418C996-433A-42df-8D3C-E1A24C0AD3C0}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{DEC5A7DC-730A-4eff-89E6-DCEEC5DB5287}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{D4F4CC32-7A41-4684-AE57-41E59E9B4503}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{E6941702-E564-4caf-84E1-572AEB95826F}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{E8827B4A-4F58-4dea-8C93-07B32A63D1C5}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{E8827B4A-BEEF-4dea-8C93-07B32A63D1C5}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{F9AF8C8D-DED9-40db-A228-0F22ECC66E88}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{FD0D6765-46D2-4399-82E1-8E9D500823F8}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\DuLuCbkPkg\{F9AF8C8D-BEEF-40db-A228-0F22ECC66E88}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Framework\O2Reg.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Framework\oxygen.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Framework\SpocSelfTune.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Logs\bash.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Logs\ClientIDS.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Logs\LU.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Logs\Performance.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Logs\SymNetDrv.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Lue\LueDyn.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\LuReg\{648D9F44-15C3-4554-9624-36BEA55E1B88}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\LuReg\{82E8AF44-7C45-42a1-B9D5-A531BEEA7C9E}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\LuReg\{C6EC303F-DEB3-4b76-AA4A-652A7641B359}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\LuReg\{D06948D5-FB30-4721-9983-45F86F6D2D85}.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\NPC\InstOpts.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\NPC\Settings.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\NPC\Support.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\NUM\Settings.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\CAVDNode.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\CAVDNode.dat.log: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\cltDynam.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\cltDynam.dat.log: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\depend.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\Layout.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\LCset.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\OEM.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\ProdExcl.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\set-priv.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\set-priv.dat.log: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\User.dat: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\Product\User.dat.log: Error opening file for read: 0x00000020
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.1.2\SRTSP\SrtspSet.dat: Error opening file for read: 0x00000020
C:\Users\Mike\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\Mike\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Mike\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\parent.lock: Error opening file for read: 0x00000020
C:\Users\Mike\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Mike\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\ntuser.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0: Error opening file for read: 0x00000020
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\edb.log: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\config\components: Error opening file for read: 0x00000020
C:\Windows\System32\config\COMPONENTS.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\COMPONENTS.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\default: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\COMPONENTS: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\sam: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\security: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\software: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\system: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Error opening file for read: 0x00000020

C:\Windows\System32\mmf.sys: Error opening file for read: 0x00000020
D:\Windows\winsxs\Backup\x86_microsoft-windows-font-bitmap-terminal_31bf3856ad364e35_6.0.6000.16386_none_123896e8c4717b88_ega80woa.fon_72a205e7: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-i..er-engine.resources_31bf3856ad364e35_6.0.6000.16386_zh-cn_a471988048f7323a.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-i..ional-codepage-1253_31bf3856ad364e35_6.0.6000.16386_none_2056942a0d17f6d9.manifest: I/O error scanning file: 0x00000001
x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-i..ional-codepage-1256_31bf3856ad364e35_6.0.6000.16386_none_21ab29b40c3d046e_c_1256.nls_72f6d1a9: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-i..tional-codepage-708_31bf3856ad364e35_6.0.6000.16386_none_ccb692fd9e43c203_c_708.nls_a9f9a85e: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-mlang.resources_31bf3856ad364e35_6.0.6000.16386_lv-lv_fadea048b740720d_mlang.dll.mui_2904864a: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-mlang.resources_31bf3856ad364e35_6.0.6000.16386_ro-ro_cac4ad00686dd7e1_mlang.dll.mui_2904864a: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-mlang.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_6c47fd395c028cdb_mlang.dll.mui_2904864a: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-mlang.resources_31bf3856ad364e35_6.0.6000.16386_sv-se_6927e3015e11a50c_mlang.dll.mui_2904864a: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-mlang.resources_31bf3856ad364e35_6.0.6000.16386_zh-hk_e23d43d3fde0ebac.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-mlang.resources_31bf3856ad364e35_6.0.6000.16386_zh-hk_e23d43d3fde0ebac_mlang.dll.mui_2904864a: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.0.6000.16386_none_f06162ca0a1ab2c0_msmmsp.dll_eaaf0717: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-msls31_31bf3856ad364e35_6.0.6000.16386_none_c9c911baa588ad17_msls31.dll_8d36fcb7: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-mup_31bf3856ad364e35_6.0.6000.16386_none_aabb87325b98b7e4_mup.sys_ea6a9c41: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-ntdll.resources_31bf3856ad364e35_6.0.6000.16386_en-us_665df1195f36e2c5.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-p..structure.resources_31bf3856ad364e35_6.0.6000.16386_en-us_62e599a3beff4160_perfd.dat_f1e3dfd2: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-pshed.resources_31bf3856ad364e35_6.0.6000.16386_en-us_915d82a07c394fbd.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f_rasacd.sys_43640ee7: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.0.6000.16386_none_0ba9a5e57d843445_kmddsp.tsp_c999e400: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-rpc-kernel_31bf3856ad364e35_6.0.6000.16386_none_bcd5c1d984fb831b_msrpc.sys_2e252236: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-rpc-local.resources_31bf3856ad364e35_6.0.6000.16386_en-us_9984dca1c0a0202e.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-sens-client_31bf3856ad364e35_6.0.6000.16386_none_ff0beccac0362b51_sensapi.dll_9e623aad: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-setupapi_31bf3856ad364e35_6.0.6000.16386_none_32be97b4c952c981.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Backup\x86_microsoft-windows-standardvga_31bf3856ad364e35_6.0.6000.16386_none_9a556f89dd14aba7_framebuf.dll_3e9737b8: I/O error scanning file: 0x00000001
D:\Windows\winsxs\FileMaps\$$_boot_pxe_zh-hk_32ef72b95f07590b.cdf-ms: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_fi-fi_55c5899840648a19.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_ja-jp_e5af703e0869a5aa.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_nl-nl_6feb1965d42ba251.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_ru-ru_00003fbb9c28a1f1.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-cdosys.resources_31bf3856ad364e35_6.0.6000.16386_es-es_5ddf65d3c52be9d5.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-cdosys.resources_31bf3856ad364e35_6.0.6000.16386_zh-tw_c196b0b3a997aeb2.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-comctl32-v5.resources_31bf3856ad364e35_6.0.6000.16386_en-us_609301cf98f7f452.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_nl-nl_55ec71f6a1556958.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-i..l-keyboard-0000043b_31bf3856ad364e35_6.0.6000.16386_none_fac5fdc55954d370.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-i..l-keyboard-00000451_31bf3856ad364e35_6.0.6000.16386_none_e50af067674d28db.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-i..l-keyboard-00000452_31bf3856ad364e35_6.0.6000.16386_none_e57c779567042d62.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-i..onal-codepage-20269_31bf3856ad364e35_6.0.6000.16386_none_51b4c993e8350083.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-i..onal-codepage-20277_31bf3856ad364e35_6.0.6000.16386_none_523bf099e7dbcd28.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-i..onal-codepage-20280_31bf3856ad364e35_6.0.6000.16386_none_52f9273be75a0e18.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-i..onal-codepage-20285_31bf3856ad364e35_6.0.6000.16386_none_52c3179fe78299cd.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-i..onal-codepage-28591_31bf3856ad364e35_6.0.6000.16386_none_53679c75e712462b.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\Manifests\x86_microsoft-windows-ie-ratings.resources_31bf3856ad364e35_6.0.6000.16386_en-us_57866a998cdbaed6.manifest: I/O error scanning file: 0x00000001
D:\Windows\winsxs\x86_microsoft-windows-m..odeupdate-servicing_31bf3856ad364e35_6.0.6000.16386_none_a15142f3a9192ea5\ucsvc.exe: I/O error scanning file: 0x00000001

Number of files found: 581736
Number of archives unpacked: 9410
Number of objects found: 1207357
Number of objects scanned: 1205249
Number of objects not scanned: 2108
Number of malicious objects found: 3
Number of malicious objects cleaned: 3
Number of malicious files found: 3
Number of malicious files cleaned: 3
Scanning time: 12h 5m 52s

Running post-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Results:
Total number of files found: 581736
Total number of archives unpacked: 9410
Total number of objects found: 1209953
Total number of objects scanned: 1207845
Total number of objects not scanned: 2108
Total number of malicious objects found: 3
Total number of malicious objects cleaned: 3
Total number of malicious files found: 3
Total number of malicious files cleaned: 3
Total number of objects quarantined: 3
Total scanning time: 12h 9m 4s



Also for some reason it didn't give me a log for http://www.eset.com/us/online-scanner/. Is it OK that i didn't include this in the reporting? If you need it i can try to scan it again to get a log.

Again thanks for you help and let me know what i need to do.


Also I was able to see that the Babylon search went away but i still can't open up the "Uninstall Programs"

Edited by Aceshigh24, 10 October 2012 - 12:51 AM.


#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:10 PM

Posted 10 October 2012 - 06:01 AM

We will get to the Uninstall Programs issue. :)


Did eset find anything as a threat?

Can you post the Malwarebytes log here please.


Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right Click it Run as Admin . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results



Run the program below as admin hit the scan button allow it to finish then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Download Rkill run it post the log.
http://www.bleepingcomputer.com/download/rkill/

Download the junkware removal tool save it to your desktop run it in safe mode post the log.
http://thisisudax.org/downloads/JRT.exe


Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

http://download.sysinternals.com/files/Autoruns.zip

#9 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 10 October 2012 - 03:16 PM

I think this might be the log from the ESET scan that i did. I found it in the ESET folder on my computer. Is this the right information you needed?


ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1a4f15bb36450c4c9631aad382e90025
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-09 12:16:19
# local_time=2012-10-09 05:16:19 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 90897212 186374886 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=591787
# found=0
# cleaned=0
# scan_time=17620


Here is the log from the Malwarebytes:


Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.09.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Mike :: MIKE-PC [administrator]

10/8/2012 11:37:46 PM
mbam-log-2012-10-08 (23-37-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231470
Time elapsed: 9 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



I am going to work on the new programs you just listed for me. Let me know if you need anything else.

#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:10 PM

Posted 10 October 2012 - 03:18 PM

Just follow through with the instructions and post the requested info. :thumbup2:

#11 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 10 October 2012 - 04:14 PM

Ran the TDSS Killer and it came up with "No Threats Detected"


Here are the results for Rogue Killer:


RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Mike [Admin rights]
Mode : Remove -- Date : 10/10/2012 13:33:16

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] Runservice.exe -- C:\Windows\runservice.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[13] : NtAlertResumeThread @ 0x820D965D -> HOOKED (Unknown @ 0x880D5E48)
SSDT[14] : NtAlertThread @ 0x82052295 -> HOOKED (Unknown @ 0x880D5F28)
SSDT[18] : NtAllocateVirtualMemory @ 0x8208E54B -> HOOKED (Unknown @ 0x881BCBA0)
SSDT[21] : NtAlpcConnectPort @ 0x8203088B -> HOOKED (Unknown @ 0x871D1B70)
SSDT[42] : NtAssignProcessToJobObject @ 0x82003B47 -> HOOKED (Unknown @ 0x880D7E10)
SSDT[67] : NtCreateMutant @ 0x82066862 -> HOOKED (Unknown @ 0x880D6F80)
SSDT[77] : NtCreateSymbolicLinkObject @ 0x8200635E -> HOOKED (Unknown @ 0x880D8F38)
SSDT[78] : NtCreateThread @ 0x820D7C74 -> HOOKED (Unknown @ 0x881B9B50)
SSDT[116] : NtDebugActiveProcess @ 0x820AAD78 -> HOOKED (Unknown @ 0x880D7EF0)
SSDT[129] : NtDuplicateObject @ 0x8203E581 -> HOOKED (Unknown @ 0x881BBBA0)
SSDT[147] : NtFreeVirtualMemory @ 0x81ECAF1D -> HOOKED (Unknown @ 0x881BDAF8)
SSDT[156] : NtImpersonateAnonymousToken @ 0x82000F16 -> HOOKED (Unknown @ 0x880D5C88)
SSDT[158] : NtImpersonateThread @ 0x82016553 -> HOOKED (Unknown @ 0x880D5D68)
SSDT[165] : NtLoadDriver @ 0x81FB1DEE -> HOOKED (Unknown @ 0x8713FC20)
SSDT[177] : NtMapViewOfSection @ 0x820568DA -> HOOKED (Unknown @ 0x880D2D50)
SSDT[184] : NtOpenEvent @ 0x8203FDFF -> HOOKED (Unknown @ 0x880D6EC0)
SSDT[194] : NtOpenProcess @ 0x82066FFE -> HOOKED (Unknown @ 0x881B9A38)
SSDT[195] : NtOpenProcessToken @ 0x82047A60 -> HOOKED (Unknown @ 0x881BBAE0)
SSDT[197] : NtOpenSection @ 0x820576AD -> HOOKED (Unknown @ 0x880D6D00)
SSDT[201] : NtOpenThread @ 0x8206254F -> HOOKED (Unknown @ 0x881BAB18)
SSDT[210] : NtProtectVirtualMemory @ 0x82060332 -> HOOKED (Unknown @ 0x880D7D20)
SSDT[282] : NtResumeThread @ 0x82061B9A -> HOOKED (Unknown @ 0x880D4C00)
SSDT[289] : NtSetContextThread @ 0x820D910B -> HOOKED (Unknown @ 0x880D4EA0)
SSDT[305] : NtSetInformationProcess @ 0x8205A908 -> HOOKED (Unknown @ 0x880D4F80)
SSDT[317] : NtSetSystemInformation @ 0x8202CEEF -> HOOKED (Unknown @ 0x880D7FD0)
SSDT[330] : NtSuspendProcess @ 0x820D9597 -> HOOKED (Unknown @ 0x880D6DE0)
SSDT[331] : NtSuspendThread @ 0x81FE092D -> HOOKED (Unknown @ 0x880D4CE0)
SSDT[335] : NtTerminateThread @ 0x82062584 -> HOOKED (Unknown @ 0x880D4DC0)
SSDT[348] : NtUnmapViewOfSection @ 0x82056B9D -> HOOKED (Unknown @ 0x880D2C70)
SSDT[358] : NtWriteVirtualMemory @ 0x8205396D -> HOOKED (Unknown @ 0x881BCA48)
SSDT[382] : NtCreateThreadEx @ 0x82062039 -> HOOKED (Unknown @ 0x880D7C20)
S_SSDT[317] : Unknown -> HOOKED (Unknown @ 0x87783108)
S_SSDT[397] : Unknown -> HOOKED (Unknown @ 0x8926C1F8)
S_SSDT[428] : Unknown -> HOOKED (Unknown @ 0x8926C138)
S_SSDT[430] : Unknown -> HOOKED (Unknown @ 0x87FA9C00)
S_SSDT[442] : Unknown -> HOOKED (Unknown @ 0x87FA9C80)
S_SSDT[479] : Unknown -> HOOKED (Unknown @ 0x880709F0)
S_SSDT[497] : Unknown -> HOOKED (Unknown @ 0x88070B90)
S_SSDT[498] : Unknown -> HOOKED (Unknown @ 0x88070AC0)
S_SSDT[573] : Unknown -> HOOKED (Unknown @ 0x8926B0B0)
S_SSDT[576] : Unknown -> HOOKED (Unknown @ 0x862AA650)

¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\Users\Default\NTUSER.DAT

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG SP2504C +++++
--- User ---
[MBR] ce16a8f1c6539d02b81b1f6769686695
[BSP] 162060bb474056eae6dde76395768ebf : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 98304 | Size: 10240 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21069824 | Size: 228129 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt



Here is the log for RKill:



Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/10/2012 01:36:24 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\sttray.exe (PID: 2464) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 10/10/2012 01:36:39 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)



As far as the JRT program goes my Norton Antivirus won't allow me to download it as it's saying it's a threat and i can't seem to find where to shut that function off so i can download it.



Here is the results from the Autoruns Log:


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "AmazonGSDownloaderTray" "TaskTray Application" "Amazon.com" "c:\program files\amazon\amazon games & software downloader\amazongsdownloadertray.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "Blubster" "" "" "File not found: C:\Program Files\Blubster\Blubster.exe SILENT"
+ "CCUTRAYICON" "Intel® Viiv™ Settings" "Intel® Corporation" "c:\program files\intel\inteldh\ccu\ccu_trayicon.exe"
+ "DellSupportCenter" "" "" "File not found: C:\Program Files\Dell Support Center\bin\sprtcmd.exe"
+ "ECenter" " " " " "c:\dell\e-center\eulalauncher.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "ISUSPM Startup" "Macrovision FLEXnet Connect Software Manager" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "ISUSScheduler" "Macrovision FLEXnet Connect Scheduler" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\issch.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SetPoint" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpoint\setpoint.exe"
+ "SigmatelSysTrayApp" "Sigmatel Audio system tray application" "SigmaTel, Inc." "c:\windows\sttray.exe"
+ "Symantec PIF AlertEng" "LiveUpdate Notice Service" "Symantec Corporation" "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Digital Line Detect.lnk" "Digital Line Detection" "Avanquest Software " "c:\program files\digital line detect\dlg.exe"
+ "Logitech Desktop Messenger.lnk" "LDM Configuration Application" "Logitech" "c:\program files\logitech\desktop messenger\8876480\program\ldmconf.exe"
+ "Logitech SetPoint.lnk" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpoint\setpoint.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DellSupport" "Dell Support" "Gteko Ltd." "c:\program files\dellsupport\dsagnt.exe"
+ "DellSupportCenter" "" "" "File not found: C:\Program Files\Dell Support Center\bin\sprtcmd.exe"
+ "LDM" "Logitech Desktop Messenger" "Logitech" "c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe"
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
+ "updateMgr" "" "" "File not found: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe"
+ "WMPNSCFG" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "bw+0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw+0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw-0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw-0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw00" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw00s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw10" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw10s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw20" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw20s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw30" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw30s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw40" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw40s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw50" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw50s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw60" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw60s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw70" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw70s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw80" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw80s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw90" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bw90s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwa0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwa0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwb0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwb0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwc0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwc0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwd0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwd0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwe0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwe0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwf0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwf0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwfile-8876480" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\gaplugprotocol-8876480.dll"
+ "bwg0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwg0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwh0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwh0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwi0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwi0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwj0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwj0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwk0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwk0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwl0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwl0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwm0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwm0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwn0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwn0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwo0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwo0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwp0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwp0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwq0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwq0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwr0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwr0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bws0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bws0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwt0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwt0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwu0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwu0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwv0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwv0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bww0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bww0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwx0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwx0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwy0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwy0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwz0" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "bwz0s" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
+ "offline-8876480" "BackWeb Runner Application " "BackWeb Technologies Inc. " "c:\program files\logitech\desktop messenger\8876480\program\bwplugprotocol-8876480.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "LavasoftShellExt" "" "" "File not found: C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton antivirus\engine\19.7.1.5\navshext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "LavasoftShellExt" "" "" "File not found: C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton antivirus\engine\19.7.1.5\navshext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CBrowserHelperObject Object" "BAE.dll" "Dell Inc." "c:\program files\bae\bae.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files\norton antivirus\engine\19.7.1.5\ips\ipsbho.dll"
+ "SSVHelper Class" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre1.6.0\bin\ssv.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Sun Java Console" "Java Plug-in 1.6.0 for Netscape Navigator (DLL Helper)" "Sun Microsystems, Inc." "c:\program files\java\jre1.6.0\bin\npjpi160.dll"
"Task Scheduler" "" "" ""
+ "\Ad-Aware Update (Weekly)" "" "" "File not found: C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe"
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Microsoft\Windows\Tcpip\WSHReset" "" "" "c:\windows\system32\schtasks.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\Norton AntiVirus\Norton Error Analyzer" "Symantec Error Reporting" "Symantec Corporation" "c:\program files\norton antivirus\engine\19.7.1.5\symerr.exe"
+ "\Norton AntiVirus\Norton Error Processor" "Symantec Error Reporting" "Symantec Corporation" "c:\program files\norton antivirus\engine\19.7.1.5\symerr.exe"
+ "\Norton WSC Integration" "WSCStub" "Symantec Corporation" "c:\program files\norton antivirus\engine\19.7.1.5\wscstub.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AlertService" "This service reports the notices from Intel® Viiv™ software. If this service is stopped or disabled, components of Intel Viiv software that depend on the notices will not receive them." "Intel® Corporation" "c:\program files\intel\inteldh\ccu\alertservice.exe"
+ "Amazon Download Agent" "Amazon Games & Software Downloader Service" "Amazon.com" "c:\program files\amazon\amazon games & software downloader\amazongsdownloaderservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Automatic LiveUpdate Scheduler" "Manages the scheduling of Automatic LiveUpdate sessions" "Symantec Corporation" "c:\program files\symantec\liveupdate\aluschedulersvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CLTNetCnService" "Symantec Lic NetConnect Service" "" "File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe"
+ "DQLWinService" "DQLWinSe Application" "" "c:\program files\common files\intel\inteldh\nms\adpplugins\dqlwinservice.exe"
+ "DSBrokerService" "Gteko BrkrSvc Application" "" "c:\program files\dellsupport\brkrsvc.exe"
+ "FlipShare Service" "FlipShare Service" "" "c:\program files\flip video\flipshare\flipshareservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "ISSM" "Intel® Software services manager" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\issm.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logitech\bluetooth\lbtserv.exe"
+ "LicCtrlService" "License Control Service" "" "c:\windows\runservice.exe"
+ "LiveUpdate" "LiveUpdate Core Engine" "Symantec Corporation" "c:\program files\symantec\liveupdate\lucomserver_3_2.exe"
+ "LiveUpdate Notice Ex" "Manages Norton product notices." "" "File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe"
+ "LiveUpdate Notice Service" "Manages Norton product notices" "Symantec Corporation" "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe"
+ "M1 Server" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe"
+ "MCLServiceATL" "Intel® Application Tracker" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\shells\mclserviceatl.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "NAV" "Norton AntiVirus" "Symantec Corporation" "c:\program files\norton antivirus\engine\19.7.1.5\ccsvchst.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Remote UI Service" "Intel® Remoting Service" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe"
+ "RoxMediaDB9" "Roxio RoxMediaDB9 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe"
+ "RoxWatch9" "RoxSniffer9 Module" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe"
+ "sprtsvc_dellsupportcenter" "SupportSoft Sprocket Service" "" "File not found: C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "TeamViewer7" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files\teamviewer\version7\teamviewer_service.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "XAudioService" "User-mode gate for Modem Speakephone" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "BHDrvx86" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_19.5.1.2\definitions\bashdefs\20120928.001\bhdrvx86.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "ccSet_NAV" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\nav\1307010.005\ccsetx86.sys"
+ "DLABMFSM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlabmfsm.sys"
+ "DLABOIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaboiom.sys"
+ "DLACDBHM" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlacdbhm.sys"
+ "DLADResM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dladresm.sys"
+ "DLAIFS_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaifs_m.sys"
+ "DLAOPIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaopiom.sys"
+ "DLAPoolM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlapoolm.sys"
+ "DLARTL_M" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlartl_m.sys"
+ "DLAUDF_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaudf_m.sys"
+ "DLAUDFAM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaudfam.sys"
+ "DRVMCDB" "Device Driver" "Sonic Solutions" "c:\windows\system32\drivers\drvmcdb.sys"
+ "DRVNDDM" "Device Driver Manager" "Roxio" "c:\windows\system32\drivers\drvnddm.sys"
+ "DSproct" "Process Trigger Driver" "Gteko Ltd." "c:\program files\dellsupport\gtaction\triggers\dsproct.sys"
+ "dsunidrv" "GUniDriver" "Gteko Ltd." "c:\program files\dellsupport\drivers\dsunidrv.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dpv.sys"
+ "HSXHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwbs2.sys"
+ "iaStor" "Intel Matrix Storage Manager driver" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "IDSVix86" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_19.5.1.2\definitions\ipsdefs\20121009.001\idsvix86.sys"
+ "IntelDH" "Intel® software driver for Intel® Viiv™ technology" "Intel Corporation" "c:\windows\system32\drivers\inteldh.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "lmimirr" "" "" "File not found: system32\DRIVERS\lmimirr.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LUsbFilt" "Logitech USB Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lusbfilt.sys"
+ "mdmxsdk" "Diagnostic Interface x86 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "MonitorFunction" "TVMonitor.sys" "TeamViewer GmbH" "c:\windows\system32\drivers\tvmonitor.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_19.5.1.2\definitions\virusdefs\20121010.001\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_19.5.1.2\definitions\virusdefs\20121010.001\navex15.sys"
+ "nmsgopro" "GoProto Protocol Driver for NMS" "Gteko Ltd." "c:\windows\system32\drivers\nmsgopro.sys"
+ "nmsunidr" "GUniDriver" "Gteko Ltd." "c:\windows\system32\drivers\nmsunidr.sys"
+ "nvlddmkm" "NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 182.24 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PCDSRVC{E9D79540-57D5953E-06020101}_0" "" "" "File not found: c:\program files\dell support center\pcdsrvc.pkms"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "RTL8187" "NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NDIS Driver" "NETGEAR Inc." "c:\windows\system32\drivers\wg111v2.sys"
+ "RTLWUSB" "NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NDIS Driver" "NETGEAR Inc." "c:\windows\system32\drivers\wg111v2.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "SDDMI2" "" "" "File not found: C:\Windows\system32\DDMI2.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\nav\1307010.005\srtsp.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\nav\1307010.005\srtspx.sys"
+ "STHDA" "NDRC" "SigmaTel, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\nav\1307010.005\symds.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\nav\1307010.005\symefa.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SYMFW" "" "" "File not found: C:\Windows\System32\Drivers\NAV\1008000.029\SYMFW.SYS"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\nav\1307010.005\ironx86.sys"
+ "SYMNDISV" "" "" "File not found: C:\Windows\System32\Drivers\NAV\1008000.029\SYMNDISV.SYS"
+ "SYMTDIv" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\nav\1307010.005\symtdiv.sys"
+ "TSHWMDTCP" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.3IV2" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\windows\system32\3ivxvfwcodec.dll"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
+ "vidc.VP62" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "3ivx Decoder Filter" "3ivx MPEG-4 5.0.3 DirectShow Video Decoder" "3ivx Technologies Pty. Ltd." "c:\program files\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideodecoder.ax"
+ "3ivx Media Muxer" "3ivx MPEG-4 5.0.3 DirectShow Media Muxer" "3ivx Technologies Pty. Ltd." "c:\program files\3ivx\3ivx mpeg-4 5.0.3\3ivxdsmediamux.ax"
+ "3ivx Media Splitter" "3ivx MPEG-4 5.0.3 DirectShow Media Splitter" "3ivx Technologies Pty. Ltd." "c:\program files\3ivx\3ivx mpeg-4 5.0.3\3ivxdsmediasplitter.ax"
+ "3ivx MPEG-4 Video Encoder" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "DivX Video Encoder (3ivx)" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Intel DVRMS TrickMode Filter" "Intel ® TSDVRMSTrickMode Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tsdvrmstrickmode.ax"
+ "Intel Metadata Skipper" "Metadata Skipper" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\metaskipper.ax"
+ "Intel Pull Mode MPEG2 Transcoder" "Intel ® WLTranscoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\wltranscoder.ax"
+ "Intel Transport Sink Filter" "Intel ® Transport Sink Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tstransportsink.ax"
+ "Intel Video Transcoder" "Intel ® Video Transcoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tstranscoder.ax"
+ "Intel WMV Source Filter" "Intel ® WMV Source Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tswmvreader.ax"
+ "Intel® IPP AAC Decoder" "Intel® AAC Decoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_aac_dec_filter.ax"
+ "Intel® IPP AAC Parser" "Intel® AAC Splitter Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_aac_spl_filter.ax"
+ "Intel® IPP Audio Resampling" "Intel® Audio Resampling Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_audio_resampl_filter.ax"
+ "Intel® IPP AVI Splitter" "Intel® AVI Splitter Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_avi_spl_filter.ax"
+ "Intel® IPP MP3 Decoder" "Intel® MP3 Decoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_mp3_dec_filter.ax"
+ "Intel® IPP MP4 Splitter" "Intel® MPEG4 Splitter Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_mpeg4_spl_filter.ax"
+ "Intel® IPP MPEG-4 Decoder" "Intel® MPEG4 Decoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_mpeg4_dec_filter.ax"
+ "Intel® IPP VOB Source Filter" "Intel® vob source filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_vob_source_filter.ax"
+ "Ligos Audio Decoder Filter" "Ligos MPEG Audio Decoder" "Ligos Corporation" "c:\windows\system32\lmpgac3.ax"
+ "Ligos D-10 Parser" "Ligos D-10 MPEG Parser" "Ligos Corporation" "c:\windows\system32\lmpgd10.ax"
+ "Ligos MPEG Splitter" "Ligos Transport Stream Splitter" "Ligos Corporation" "c:\windows\system32\lmpgtspl.ax"
+ "Ligos MPEG Splitter" "Ligos MPEG Splitter" "Ligos Corporation" "c:\windows\system32\lmpgspl.ax"
+ "Ligos MPEG Video Decoder" "Ligos MPEG Video Decoder" "Ligos Corporation" "c:\windows\system32\lmpgvd.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmwriter.ax"
+ "MainConcept (Sonic) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "MainConcept (Sonic) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mediaanalyser.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "PDFrameGrabFilter" "FrameGrabFilter" "" "c:\program files\flip video\flipshare\framegrabfilter.ax"
+ "PDT IPP AAC Encoder" "" "" "c:\program files\flip video\flipshare\ipp6_0_aacencoder.ax"
+ "PDT IPP H264 Encoder" "IPPH264Encoder" "" "c:\program files\flip video\flipshare\ipph264encoder.ax"
+ "PDT IPP MP4 Muxer" "IPPMP4Muxer" "" "c:\program files\flip video\flipshare\ippmp4muxer.ax"
+ "PDT IPP MP4 Splitter" "IPPMp4Splitter" "" "c:\program files\flip video\flipshare\ippmp4splitter.ax"
+ "PDT IPP MPEG Audio Decoder" "IPPMPEGAudioDecoder" "" "c:\program files\flip video\flipshare\ippmpegaudiodecoder.ax"
+ "PDT IPP Video Decoder" "IPPVideoDecoder" "" "c:\program files\flip video\flipshare\ippvideodecoder.ax"
+ "PDT Resize and Letterbox Filter" "PurpleComposite" "" "c:\program files\flip video\flipshare\purplecomposite.ax"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "PSI Parser" "" "" "c:\program files\roxio\videocore 9\psiparser.ax"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Roxio Audio Decoder (DVD)" "ROXIO Audio Decoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiodvdaudio.dll"
+ "ROXIO Audio Source 3.0" "VW Audio Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\audiosrc.ax"
+ "ROXIO Audio VCFChunker 3.0" "Chunker Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\chunker.ax"
+ "ROXIO Audio VCFLooper 3.0" "Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\looper.ax"
+ "ROXIO AudioConvert 3.0" "AudioConvert Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audconv.ax"
+ "ROXIO AudioGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO ColorSpace Converter 3.0" "ROXIO Color Space Converter" "Sonic Solutions" "c:\program files\roxio\videocore 9\colorspconv.dll"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "roxio DCFilters Audio Sync Filter 2" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Dragons Lair" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVD Muxer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Reader" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Splitter" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Mpeg I/II Decoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Smart Resizer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Subpicture Mixer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "ROXIO Deinterlace 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\deinter.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO Image/Colour Source 3.0" "Colour Frame Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\imagesource.ax"
+ "ROXIO ListImage Source 3.0" "ListFrameSource" "Sonic Solutions" "c:\program files\roxio\videocore 9\listimagesource.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\panzoom.ax"
+ "ROXIO Pin Tee" "" "" "c:\program files\roxio\videocore 9\roxioinftee.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "ROXIO QT Source" "QuickTime Loader" "Sonic Solutions" "c:\program files\roxio\videocore 9\qtsource.ax"
+ "ROXIO QuickGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenedetector.ax"
+ "ROXIO SceneRecorder 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenerecorderfilt.ax"
+ "ROXIO Simple Dump 3.0" "Simple Dump Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\rxsimpledump.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAudioMixer 3.0" "AudioFlt Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audmf.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvscenedetectfilt.ax"
+ "ROXIO VCFLatency 3.0" "Latency Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\latency.ax"
+ "ROXIO VCFpeakmeter 3.0" "Peakmeter Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\peakmeter.ax"
+ "ROXIO VCFVideoCutList 3.0" "Video CutList Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vcutlist.ax"
+ "ROXIO VCFWaveform 1.0" "Waveform Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\waveform.ax"
+ "ROXIO Video Resampler 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vresamfilt.ax"
+ "ROXIO Video VCFLooper 3.0" "Video Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\vlooper.ax"
+ "ROXIO VideoCombine 3.0" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\videocombine.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "MGI Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\wavhead.ax"
+ "Samsung Video Encoder (3ivx)" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\videocore 9\mvwcdsutil.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MPEG Audio Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG Video Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc" "c:\program files\common files\sonic shared\sonicmc01\sonicm2vd.ax"
+ "Sonic MPEG-4 Video Decoder" "Sonic Mpeg-4 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicm4vd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCG Video Mixer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCGImageSource" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VW Input Selector" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "VW Input Selector 2" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "{1AD512C6-24AF-4395-82B4-2D3CF21F44A2}" "Roxio MP3 Encoder Dynamic Link Library" "Roxio" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "{472C92F0-5438-423D-9B30-FD2932EA44EE}" "Roxio Audio Source Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiosource.ax"
+ "{58FF69ED-8388-483B-B9AC-3EB04BBEB913}" "Roxio Audio Stream Reader Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamreader.ax"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders" "" "" ""
+ "msansspc.dll" "" "" "File not found: msansspc.dll"
"C:\Users\Mike\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
+ "Norton AntiVirus" "Protect your computer against viruses, spyware, and more." "Symantec Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Norton.Gadget\en-US\Gadget.xml"



What should i do about the JRT?

#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:10 PM

Posted 10 October 2012 - 04:22 PM

For now I highly suggest that you remove norton from this machine.
Run the Norton removal tool.
http://download1us.softpedia.com/dl/77e18d6920df3818325497842c11f7e1/5075d5bc/100026173/software/tweak/Norton_Removal_Tool.exe

reboot and install avast free.
http://www.filehippo.com/download_avast_antivirus/download/1b94c71a1cf72c7d7c77d647fc834999/

You can re-install Norton later if you wish.


After you remove norton run the JRT :)

Download Hitman Pro .
http://dl.surfright.nl/HitmanPro36.exe
Start the scan Go to setings.
Un-tick Scan for tracking Cookies.
Go back to scan Tab
Select ok
Then Next
No I only want to perform a one time scan to check this computer.
Enter your email to register.
Next.
After the scan make sure to select quarantine found threats.
Then select activate free license then follow the prompts.
Reboot your machine.

#13 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 10 October 2012 - 09:43 PM

Here is the log for JRT:



*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{9afb8248-617f-460d-9366-d71cdeda3179}
Successfully deleted: [KEY] hkey_classes_root\clsid\{e5c66dd8-308b-4a4f-af0a-3d04f25b5343}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{e5c66dd8-308b-4a4f-af0a-3d04f25b5343}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{e5c66dd8-308b-4a4f-af0a-3d04f25b5343}
Successfully deleted: [KEY] "hkey_current_user\software\microsoft\babylon"
Successfully deleted: [KEY] "hkey_local_machine\software\google\chrome\extensions\kincjchfokkeneeofpeefomkikfkiedl"



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired

Successfully deleted: [user.js] from C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default


*** Event Viewer Logs - Cleared


Here is the log for HitmanPro:



HitmanPro 3.6.2.171
www.hitmanpro.com

Computer name . . . . : MIKE-PC
Windows . . . . . . . : 6.0.2.6002.X86/2
User name . . . . . . : Mike-PC\Mike
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free

Scan date . . . . . . : 2012-10-10 19:05:55
Scan mode . . . . . . : Normal
Scan duration . . . . : 24m 52s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 19
Traces . . . . . . . : 28

Objects scanned . . . : 3,289,879
Files scanned . . . . : 291,524
Remnants scanned . . : 1,604,695 files / 1,393,660 keys

Malware _____________________________________________________________________

C:\Program Files\OApps\bho.dll
Size . . . . . . . : 92,160 bytes
Age . . . . . . . : 0.1 days (2012-10-10 16:29:49)
Entropy . . . . . : 6.2
SHA-256 . . . . . : 438B343818B20DBF60DE965C0DD8F4B4A857F9097A60561FED40D9B244606713
Product . . . . . : SelectionLinks
Publisher . . . . : SelectionLinks
Version . . . . . : 1.0.0.1
Copyright . . . . : All rights reserved.
Gossip . . . . . . : OApps
> G Data . . . . . . : Trojan.Generic.KD.731175 (Engine A)
> Ikarus . . . . . . : Win32.AdWare!IK
Fuzzy . . . . . . : 103.0
Startup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF}\
References
HKLM\SOFTWARE\Classes\CLSID\{F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF}\

C:\Program Files\PricePeep\pricepeep.dll
Size . . . . . . . : 497,008 bytes
Age . . . . . . . : 0.1 days (2012-10-10 16:30:03)
Entropy . . . . . : 6.2
SHA-256 . . . . . : D43F8FE4CA2BA7E220A68DD9D09463AC79DD69E66ED0D384CB21AAD62069E27A
Product . . . . . : PricePeep
Publisher . . . . : PricePeep
Description . . . : PricePeep
Version . . . . . : 2.1.322.0
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> DrWeb . . . . . . : Infected
Fuzzy . . . . . . : 91.0
Startup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\
References
HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\
HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1\
HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho\
HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}\
HKU\S-1-5-21-3854944685-3614636560-2105152113-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\

C:\Program Files\Zoom Downloader\uninstall.exe
Size . . . . . . . : 2,500,096 bytes
Age . . . . . . . : 0.1 days (2012-10-10 16:30:19)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 9CA011E741AB62DC7154537B9F446E612030C807750D047732EB665A82FC3C08
Product . . . . . : UACInstaller
Publisher . . . . : Microsoft
Description . . . : UACInstaller
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Microsoft 2010
> DrWeb . . . . . . : Infected
Fuzzy . . . . . . : 102.0
References
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom Downloader\Uninstall Zoom Downloader.lnk

C:\Users\Mike\AppData\Local\Temp\DownloadManager_Installer.exe
Size . . . . . . . : 2,500,096 bytes
Age . . . . . . . : 0.1 days (2012-10-10 16:30:04)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 9CA011E741AB62DC7154537B9F446E612030C807750D047732EB665A82FC3C08
Product . . . . . : UACInstaller
Publisher . . . . : Microsoft
Description . . . : UACInstaller
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Microsoft 2010
> DrWeb . . . . . . : Infected
Fuzzy . . . . . . : 110.0

C:\Users\Mike\Downloads\Setup.exe
Size . . . . . . . : 695,392 bytes
Age . . . . . . . : 0.1 days (2012-10-10 16:28:29)
Entropy . . . . . : 6.5
SHA-256 . . . . . : B3A7669D8241E79CC334631AC85FED6993D9FD2D7D6243FB3D9FA8AB48EA317C
Product . . . . . : OptimumInstaller
Publisher . . . . : OptimumInstaller
Description . . . : DownloadManager
Version . . . . . : 2.0.16
RSA Key Size . . . : 1024
Authenticode . . . : Valid
> DrWeb . . . . . . : Infected
Fuzzy . . . . . . : 95.0


Malware remnants ____________________________________________________________

C:\Program Files\PricePeep\ (Adware.ClickPotato)
C:\Program Files\PricePeep\installer.ico (Adware.ClickPotato)
C:\Program Files\PricePeep\pricepeep.crx (Adware.ClickPotato)
C:\Program Files\PricePeep\uninstall.exe (Adware.ClickPotato)
Size . . . . . . . : 86,395 bytes
Age . . . . . . . : 0.1 days (2012-10-10 16:30:03)
Entropy . . . . . : 7.1
SHA-256 . . . . . : C0F1A426E5AC972EF5DDC61D5ED2858F3D98960776D84E0937EBD9E6A57C71A0
Fuzzy . . . . . . : 6.0

HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}\ (Adware.ClickPotato)
HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\ (Adware.ClickPotato)
HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}\ (Adware.ClickPotato)
HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}\ (Adware.ClickPotato)
HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1\ (Adware.ClickPotato)
HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho\ (Adware.ClickPotato)
HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}\ (Adware.ClickPotato)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\ (Adware.ClickPotato)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep\ (Adware.ClickPotato)
HKU\S-1-5-21-3854944685-3614636560-2105152113-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\ (Adware.ClickPotato)


There you go!

#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:10 PM

Posted 10 October 2012 - 09:47 PM

You removed the threats from hitman pro correct.
Can you now open add remove programs?

#15 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 10 October 2012 - 10:05 PM

No i still can't open it! Dang it!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users