Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ibsvc, cannot remove, popups!, slow flash player, and more!!


  • Please log in to reply
9 replies to this topic

#1 nfaulky1

nfaulky1

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 19 February 2013 - 10:35 PM

 Constant popup asking permission for installbrain installer. Searched advice said to remove from temp files and access was denied on administrative account, Found it in c,programdata, ibupdaterservice.

 Dismally slow puter, please help.



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:37 AM

Posted 19 February 2013 - 10:43 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 nfaulky1

nfaulky1
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 20 February 2013 - 07:21 AM

 
 
Thank you for the quick response, much appreciated.
 
 There were no threats found by TDSSKILLER.
 
 
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-19 23:14:01
-----------------------------
23:14:01.027    OS Version: Windows x64 6.1.7601 Service Pack 1
23:14:01.027    Number of processors: 1 586 0x170A
23:14:01.028    ComputerName: COMPUTER  UserName: Owner
23:14:02.144    Initialize success
23:18:23.885    AVAST engine defs: 13021902
23:18:53.084    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:18:53.087    Disk 0 Vendor: TOSHIBA_ GJ00 Size: 238475MB BusType: 3
23:18:53.105    Disk 0 MBR read successfully
23:18:53.108    Disk 0 MBR scan
23:18:53.116    Disk 0 unknown MBR code
23:18:53.130    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
23:18:53.142    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       218854 MB offset 409600
23:18:53.173    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        19317 MB offset 448622592
23:18:53.202    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0      103 MB offset 488183808
23:18:53.254    Disk 0 scanning C:\Windows\system32\drivers
23:19:06.709    Service scanning
23:19:59.899    Modules scanning
23:19:59.912    Disk 0 trace - called modules:
23:19:59.955    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys 
23:20:00.186    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002743060]
23:20:00.195    3 CLASSPNP.SYS[fffff880015d043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80022ff050]
23:20:01.193    AVAST engine scan C:\Windows
23:20:03.417    AVAST engine scan C:\Windows\system32
23:24:17.413    AVAST engine scan C:\Windows\system32\drivers
23:24:38.924    AVAST engine scan C:\Users\Owner
23:32:36.242    AVAST engine scan C:\ProgramData
23:33:53.656    Scan finished successfully
23:35:06.926    Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
23:35:06.938    The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"
 
ESET results;
 
C:\Program Files (x86)\FrostWire 5\frostwire-installer.exe    multiple threats    cleaned by deleting - quarantined
C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll    a variant of Win32/Adware.Yontoo.A application    cleaned by deleting - quarantined
C:\ProgramData\IBUpdaterService\ibsvc.exe    a variant of Win32/InstallBrain.A application    cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    cleaned by deleting - quarantined
C:\Users\GRAMMA\Downloads\MyTopFreeGames_UnlockGames (1).exe    a variant of Win32/OpenInstall application    cleaned by deleting - quarantined
C:\Users\GRAMMA\Downloads\MyTopFreeGames_UnlockGames (2).exe    a variant of Win32/OpenInstall application    cleaned by deleting - quarantined
C:\Users\GRAMMA\Downloads\MyTopFreeGames_UnlockGames.exe    a variant of Win32/OpenInstall application    cleaned by deleting - quarantined
C:\Users\GRAMMA\Downloads\slot-machine.exe    a variant of Win32/InstallCore.AL application    cleaned by deleting - quarantined
C:\Users\Jackson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2ZEJ2ORE\funny-zombie-run-for-your-life[1].htm    HTML/ScrInject.B.Gen virus    deleted - quarantined
C:\Users\Owner\AppData\Local\TempDIR\BetterInstaller.exe    a variant of Win32/Somoto.A application    cleaned by deleting - quarantined
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wus0k8ht.default\extensions\plugin@yontoo.com\content\overlay.js    Win32/Adware.Yontoo application    cleaned by deleting - quarantined
C:\Users\Owner\Documents\audacity_app_1220.exe    a variant of Win32/InstallIQ application    cleaned by deleting - quarantined
C:\Users\Owner\Downloads\3GP-Player.exe    Win32/InstallMonetizer.AF application    cleaned by deleting - quarantined
C:\Users\Owner\Downloads\BestVideoDownloaderSetup.exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Owner\Downloads\etype_setup (1).exe    a variant of Win32/InstallBrain application    cleaned by deleting - quarantined
C:\Users\Owner\Downloads\etype_setup.exe    a variant of Win32/InstallBrain application    cleaned by deleting - quarantined
C:\Users\Owner\Downloads\frostwire-5.3.4.windows.exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Owner\Downloads\InstallFreeRARExtractFrog.exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Owner\Downloads\lebrons-basketball-dunk (1).exe    a variant of Win32/InstallCore.J application    deleted - quarantined
C:\Users\Owner\Downloads\lebrons-basketball-dunk (2).exe    a variant of Win32/InstallCore.J application    deleted - quarantined
C:\Users\Owner\Downloads\lebrons-basketball-dunk (3).exe    a variant of Win32/InstallCore.J application    deleted - quarantined
C:\Users\Owner\Downloads\lebrons-basketball-dunk.exe    a variant of Win32/InstallCore.J application    deleted - quarantined
C:\Users\Owner\Downloads\playpickle-setup (1).exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Owner\Downloads\playpickle-setup.exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Owner\Downloads\setup_643734.exe    multiple threats    deleted - quarantined
 
 Thanks again for your help narenxp.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:37 AM

Posted 20 February 2013 - 07:24 AM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log


 



#5 nfaulky1

nfaulky1
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 20 February 2013 - 07:32 AM

 Did AVG miss all these infections or do I need another program besides Zonealarm and Avg?



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:37 AM

Posted 20 February 2013 - 07:33 AM

We will take about it after finishing our scans.No AV can remove all type of infections.Every security software has its own advantages and disadvantages.



#7 nfaulky1

nfaulky1
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 20 February 2013 - 09:30 AM

 
 
 
 
 
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.02.20.01
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: COMPUTER [administrator]
 
2/20/2013 7:46:55 AM
mbam-log-2013-02-20 (07-46-55).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 306697
Time elapsed: 6 minute(s), 36 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Owner\AppData\Local\Temp\NODCABC.tmp (PUP.BundleInstaller.IB) -> Quarantined and deleted successfully.
 
(end)
 
.
 
 
 
 
.MiniToolBox by Farbar  Version:10-01-2013
Ran by Owner (administrator) on 20-02-2013 at 08:10:30
Running from "C:\Users\Owner\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Computer
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : netgear.com
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : EC-55-F9-18-8F-99
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : netgear.com
   Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : EC-55-F9-18-8F-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::2d17:e3:c07:32ca%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.254.33(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, February 20, 2013 7:59:37 AM
   Lease Expires . . . . . . . . . . : Thursday, February 21, 2013 7:59:36 AM
   Default Gateway . . . . . . . . . : 192.168.254.254
   DHCP Server . . . . . . . . . . . : 192.168.254.254
   DHCPv6 IAID . . . . . . . . . . . : 334255609
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-E7-FD-35-98-4B-E1-C5-99-95
   DNS Servers . . . . . . . . . . . : 192.168.254.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : netgear.com
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 98-4B-E1-C5-99-95
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{11911663-0DEA-4370-A039-D307D2E266D9}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.netgear.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : netgear.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:408:894:52ab:2ace(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::408:894:52ab:2ace%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dslrouter.netgear.com
Address:  192.168.254.254
 
Name:    google.com
Addresses:  2607:f8b0:4004:800::100e
      74.125.228.3
      74.125.228.4
      74.125.228.5
      74.125.228.6
      74.125.228.7
      74.125.228.8
      74.125.228.9
      74.125.228.14
      74.125.228.0
      74.125.228.1
      74.125.228.2
 
 
Pinging google.com [74.125.228.2] with 32 bytes of data:
Reply from 74.125.228.2: bytes=32 time=121ms TTL=55
Reply from 74.125.228.2: bytes=32 time=44ms TTL=55
 
Ping statistics for 74.125.228.2:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 44ms, Maximum = 121ms, Average = 82ms
Server:  dslrouter.netgear.com
Address:  192.168.254.254
 
Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=209ms TTL=52
Reply from 98.138.253.109: bytes=32 time=248ms TTL=52
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 209ms, Maximum = 248ms, Average = 228ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 4ms, Average = 2ms
===========================================================================
Interface List
 19...ec 55 f9 18 8f 99 ......Microsoft Virtual WiFi Miniport Adapter
 12...ec 55 f9 18 8f 98 ......Ralink RT5390 802.11b/g/n WiFi Adapter
 10...98 4b e1 c5 99 95 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254   192.168.254.33     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.254.0    255.255.255.0         On-link    192.168.254.33    281
   192.168.254.33  255.255.255.255         On-link    192.168.254.33    281
  192.168.254.255  255.255.255.255         On-link    192.168.254.33    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    192.168.254.33    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    192.168.254.33    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:4137:9e76:408:894:52ab:2ace/128
                                    On-link
 12    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::408:894:52ab:2ace/128
                                    On-link
 12    281 fe80::2d17:e3:c07:32ca/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/20/2013 07:59:39 AM) (Source: HP Client Services) (User: )
Description: HP Client Services could not start due to configuration is not available.
 
Error: (02/20/2013 07:40:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/20/2013 02:43:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/19/2013 11:48:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/19/2013 11:48:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/19/2013 11:48:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/19/2013 11:47:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/19/2013 10:56:47 PM) (Source: HP Client Services) (User: )
Description: HP Client Services could not start due to configuration is not available.
 
Error: (02/18/2013 06:49:35 PM) (Source: HP Client Services) (User: )
Description: HP Client Services could not start due to configuration is not available.
 
Error: (02/15/2013 04:27:50 PM) (Source: HP Client Services) (User: )
Description: HP Client Services could not start due to configuration is not available.
 
 
System errors:
=============
Error: (02/20/2013 08:00:04 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
StarOpen
 
Error: (02/20/2013 07:59:41 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/20/2013 07:59:39 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/20/2013 07:59:03 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (02/19/2013 10:57:11 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
StarOpen
 
Error: (02/19/2013 10:56:47 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/19/2013 10:56:44 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/19/2013 10:56:02 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (02/19/2013 06:02:55 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (02/19/2013 05:14:50 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
 
Microsoft Office Sessions:
=========================
Error: (02/20/2013 07:59:39 AM) (Source: HP Client Services)(User: )
Description: HP Client Services could not start due to configuration is not available.
 
Error: (02/20/2013 07:40:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/20/2013 02:43:20 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/19/2013 11:48:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (02/19/2013 11:48:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (02/19/2013 11:48:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (02/19/2013 11:47:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (02/19/2013 10:56:47 PM) (Source: HP Client Services)(User: )
Description: HP Client Services could not start due to configuration is not available.
 
Error: (02/18/2013 06:49:35 PM) (Source: HP Client Services)(User: )
Description: HP Client Services could not start due to configuration is not available.
 
Error: (02/15/2013 04:27:50 PM) (Source: HP Client Services)(User: )
Description: HP Client Services could not start due to configuration is not available.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-19 21:13:01.309
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-19 19:01:01.002
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-19 18:28:57.595
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-19 18:21:10.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-19 16:56:48.924
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-19 16:24:54.336
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-19 16:16:21.061
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-19 11:00:34.362
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-19 07:30:59.153
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-19 07:23:11.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
3GP Player 2011 (Version: 1.3)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.6.602.168)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 7.6.11.10)
Andrea Electronics AudioCommander
Andrea Electronics USB Audio
Andrea Electronics VoiceCenter
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.2639)
AVG 2013 (Version: 13.0.2805)
AVG 2013 (Version: 13.0.2890)
AVG 2013 (Version: 13.0.2897)
AVG 2013 (Version: 13.0.2899)
AVG 2013 (Version: 2013.0.2899)
AVG Security Toolbar (Version: 14.2.0.1)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.1.361.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.7689)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
C4USelfUpdater (Version: 1.00.0000)
Cake Mania (Version: 2.2.0.95)
center (Version: 6.2.5.0)
Chuzzle Deluxe (Version: 2.2.0.95)
Compaq Setup Manager (Version: 1.0.12844.3519)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink DVD Suite (Version: 7.0.3320)
CyberLink MediaShow (Version: 5.0.1920)
CyberLink PowerDVD 9 (Version: 9.0.1.4604)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESET Online Scanner v3
essentials (Version: 6.0.14.0)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Evernote v. 4.6 (Version: 4.6.0.7670)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Free RAR Extract Frog (Version: 4.70)
FrostWire 5.3.4 (Version: 5.3.4.0)
Google Chrome (Version: 24.0.1312.57)
Google Drive (Version: 1.7.4018.3496)
Google Earth (Version: 6.1.0.5001)
Google Talk (remove only)
Google Talk Plugin (Version: 3.13.2.11592)
Google Update Helper (Version: 1.3.21.135)
GyroTools GO Edition (Version: 1.0)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Auto (Version: 1.0.12494.3472)
HP Client Services (Version: 1.0.12656.3472)
HP CloudDrive
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Deskjet 1000 J110 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1000 J110 series Help (Version: 140.0.65.65)
HP Documentation (Version: 1.1.2.1)
HP Game Console
HP Games (Version: 1.0.1.5)
HP MovieStore (Version: 1.0.023)
HP Photo Creations (Version: 1.0.0.4042)
HP Power Manager (Version: 1.1.2)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.4.4400.3525)
HP Software Framework (Version: 4.0.108.1)
HP Support Assistant (Version: 7.0.39.15)
HP Update (Version: 5.002.006.003)
HP Wireless Assistant (Version: 4.0.10.0)
iLivid (Version: 1.92.0.117387)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2086)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak AIO Printer (Version: 7.0.3.0)
KODAK AiO Software (Version: 7.6.12.20)
LabelPrint (Version: 2.5.3220)
LastPass (uninstall only)
LightScribe System Software (Version: 1.18.18.1)
magicJack (Version: 2.0.6073.4252)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
MP3 To Ringtone Gold 8.7
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Manager
Mystery P.I. - The London Caper (Version: 2.2.0.95)
Netflix in Windows Media Center (Version: 3.3.101.0)
Norton Online Backup (Version: 2.1.17869)
NVIDIA PhysX (Version: 9.09.0203)
ocr (Version: 6.2.3.50)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.7717)
Picasa 3 (Version: 3.8)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4419)
PowerDirector (Version: 8.0.3320)
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.10712)
PunkBuster Services (Version: 0.989)
QuickTime (Version: 7.73.80.64)
Ralink RT2860 Wireless LAN Card (Version: 3.1.13.0)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6206)
Recovery Manager (Version: 5.5.3223)
RoxioNow Player (Version: 1.9.5.101)
RtVOsd (Version: 1.0.6)
Samsung Mobile phone USB driver Drive Software
Samsung PC Studio 3 (Version: 3.0.0.80206)
Samsung PC Studio 3 (Version: 3.2.3.90502)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.850.0)
Stamps.com
Stamps.com (Version: 9.6.1.2323)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
Times Reader (Version: 2.055)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Updater Service (Version: 11,6,20,2)
VC 9.0 Runtime (Version: 1.0.0)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows iLivid Toolbar (Version: 3.0.0.117286)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
World of Warcraft (Version: 4.3.4.15595)
Xmarks for IE (Version: 127.0.160)
Xmarks Thumbnails for IE (Version: 1.0.12)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)
ZoneAlarm Firewall (Version: 11.0.000.018)
ZoneAlarm Free Firewall (Version: 11.0.000.018)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (Version: 11.0.000.018)
ZoneAlarm Security Toolbar 
Zuma Deluxe (Version: 2.2.0.95)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 74%
Total physical RAM: 1978.92 MB
Available physical RAM: 512.64 MB
Total Pagefile: 3957.84 MB
Available Pagefile: 1930.21 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.21 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:213.72 GB) (Free:156.62 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:18.86 GB) (Free:18.76 GB) NTFS
3 Drive e: (HP DJ1000_J110) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\COMPUTER
 
Administrator            CAMP LEJEUNE             GRAMMA                   
Guest                    Jackson                  Owner                    
 
 
**** End of log ****
 
 
 
 
Farbar Service Scanner Version: 20-02-2013
Ran by Owner (administrator) on 20-02-2013 at 08:13:33
Running from "C:\Users\Owner\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Destination is offline
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 
 
 
# AdwCleaner v2.112 - Logfile created 02/20/2013 at 08:17:26
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Owner - COMPUTER
# Boot Mode : Normal
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\user.js
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\Ilivid
Folder Found : C:\Program Files (x86)\Windows iLivid Toolbar
Folder Found : C:\Program Files (x86)\Yontoo Layers Runtime
Folder Found : C:\ProgramData\{08E30618-5D06-461B-BBD3-4ADFB0810824}
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\CAMP LEJEUNE\AppData\Local\AVG Secure Search
Folder Found : C:\Users\CAMP LEJEUNE\AppData\LocalLow\searchquband
Folder Found : C:\Users\CAMP LEJEUNE\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\GRAMMA\AppData\Local\AVG Secure Search
Folder Found : C:\Users\GRAMMA\AppData\LocalLow\searchquband
Folder Found : C:\Users\GRAMMA\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\Jackson\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Jackson\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Jackson\AppData\LocalLow\searchquband
Folder Found : C:\Users\Jackson\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\Owner\AppData\Local\APN
Folder Found : C:\Users\Owner\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Owner\AppData\Local\Conduit
Folder Found : C:\Users\Owner\AppData\Local\Ilivid Player
Folder Found : C:\Users\Owner\AppData\Local\TempDir
Folder Found : C:\Users\Owner\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Owner\AppData\LocalLow\Conduit
Folder Found : C:\Users\Owner\AppData\LocalLow\searchquband
Folder Found : C:\Users\Owner\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\Owner\AppData\Roaming\eType
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wus0k8ht.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wus0k8ht.default\extensions\plugin@yontoo.com
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wus0k8ht.default\extensions\specialsavings@superfish.com
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wus0k8ht.default\Searchqutoolbar
Folder Found : C:\Users\Owner\AppData\Roaming\PerformerSoft
 
***** [Registry] *****
 
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\DSNR Labs
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\ilivid
Key Found : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Found : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\SearchquMediabarTb
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-1349691286-2269279888-4115724794-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-1349691286-2269279888-4115724794-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [specialsavings@superfish.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16464
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v18.0.2 (en-US)
 
File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wus0k8ht.default\prefs.js
 
Found : user_pref("de.soerenrinne.googlebuttons.userlist", "Mail,Web Search,Maps,Calendar,Wave,Dashboard,Goo[...]
Found : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Found : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jht[...]
Found : user_pref("extensions.toolbar.mindspark._64Members_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Found : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=9F50E98D[...]
 
File : C:\Users\Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\igsnt4e5.default\prefs.js
 
[OK] File is clean.
 
File : C:\Users\GRAMMA\AppData\Roaming\Mozilla\Firefox\Profiles\kgy6e43u.default\prefs.js
 
[OK] File is clean.
 
File : C:\Users\CAMP LEJEUNE\AppData\Roaming\Mozilla\Firefox\Profiles\qz3vvfd6.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v24.0.1312.57
 
File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Jackson\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\GRAMMA\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\CAMP LEJEUNE\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [18017 octets] - [20/02/2013 08:17:26]
 
########## EOF - C:\AdwCleaner[R1].txt - [18078 octets] ##########
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Windows 7 Home Premium x64
Ran by Owner on Wed 02/20/2013 at  8:22:07.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{30f9b915-b755-4826-820b-08fba6bd249d} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{95b7759c-8c7f-4bf1-b163-73684a933233} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} 
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1349691286-2269279888-4115724794-1001\software\microsoft\internet explorer\searchscopes\\DefaultScope
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_classes_root\escort.escortiepane
Successfully deleted: [Registry Key] hkey_classes_root\escort.escortiepane.1
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\cr_installer
Successfully deleted: [Registry Key] hkey_local_machine\software\datamngr
Successfully deleted: [Registry Key] hkey_current_user\software\dsnr labs
Successfully deleted: [Registry Key] hkey_current_user\software\ilivid
Successfully deleted: [Registry Key] hkey_local_machine\software\ilivid
Successfully deleted: [Registry Key] hkey_local_machine\software\searchqumediabartb
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\crossrider
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\searchqutoolbar
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escort.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escortapp.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escorteng.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escortlbr.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\esrv.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\scripthelper.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\viprotocol.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\yontooieclient.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\conduit.engine
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\s
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\yontooieclient.api
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\yontooieclient.api.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\yontooieclient.layers
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\microsoft\tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\microsoft\tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2645238
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{fd72061e-9fde-484d-a58a-0bab4151cad8}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{fd72061e-9fde-484d-a58a-0bab4151cad8}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827} 
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} 
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"
Successfully deleted: [File] "C:\Windows\syswow64\conduitengine.tmp"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\etype"
Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\tempdir"
Failed to delete: [Folder] "C:\Users\Owner\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\searchquband"
Failed to delete: [Folder] "C:\Users\Owner\appdata\locallow\searchqutoolbar"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\televisionfanatic"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\televisionfanaticei"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\ilivid"
Successfully deleted: [Folder] "C:\Program Files (x86)\televisionfanaticei"
Successfully deleted: [Folder] "C:\Program Files (x86)\wi3c8a~1"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo layers runtime"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ilivid"
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\wus0k8ht.default\user.js
Successfully deleted: [Folder] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\wus0k8ht.default\searchqutoolbar
Successfully deleted: [Folder] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\wus0k8ht.default\extensions\plugin@yontoo.com
Successfully deleted: [Folder] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\wus0k8ht.default\extensions\specialsavings@superfish.com
Successfully deleted: [Folder] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\wus0k8ht.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Value] hkey_current_user\software\mozilla\firefox\extensions\\specialsavings@superfish.com
Successfully deleted the following from C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\wus0k8ht.default\prefs.js
 
user_pref("de.soerenrinne.googlebuttons.userlist", "Mail,Web Search,Maps,Calendar,Wave,Dashboard,Google Shortcuts Settings,Maps - Map this,Voice,Web History,Picasa Web Albums,
user_pref("extensions.crossrider.bic", "13616c654a7f9d70b751df4948854935");
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=9F50E98D-59EC-47CC-9B7D-81CA17244F6A&n=77df21ef&ind=201111191
user_pref("extensions.toolbar.mindspark._64Members_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=9F50E98D-59EC-47CC-9B7D-81CA17244F6A&n=77df21ef&ptnrS=XPxdm044ADus&
user_pref("extensions.toolbar.mindspark._64Members_.initialized", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.installDate", "2011111919");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerId", "XPxdm044ADus");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerSubId", "CJ2eosO_wawCFQYBQAodng1drQ");
user_pref("extensions.toolbar.mindspark._64Members_.installation.success", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.toolbarId", "9F50E98D-59EC-47CC-9B7D-81CA17244F6A");
user_pref("extensions.toolbar.mindspark._64Members_.lastActivePing", "1334583525405");
user_pref("extensions.toolbar.mindspark._64Members_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.homePageEnabled", false);
user_pref("extensions.toolbar.mindspark._64Members_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark._64Members_.recentlyClosed", "{\"list\":[{\"url\":\"hxxp://cellphones.about.com/od/softwarereviews/a/samsung-software-and-shareware.htm
user_pref("extensions.toolbar.mindspark._64Members_.searchHistory", "angry birds");
user_pref("extensions.toolbar.mindspark._64Members_.weather.isFahrenheit", "true");
user_pref("extensions.toolbar.mindspark._64Members_.weather.location", "44708");
user_pref("extensions.toolbar.mindspark.lastInstalled", "televisionfanatic@mindspark.com");
user_pref("extentions.y2layers.defaultEnableAppsList", "BestVideoDownloader,BestVideoDownloader,");
user_pref("extentions.y2layers.installId", "e4e48270-663a-4e44-9dec-48dd4e863dd9");
user_pref("extentions.y2layers.lastDnsTest", 370862);
user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=9F50E98D-59EC-47CC-9B7D-81CA17244F6A&n=77df21ef&ind=2011111919&id=XPxdm044ADus&ptnr
Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\wus0k8ht.default\minidumps [6 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\niapdbllcanepiiimjjndipklodoedlc
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/20/2013 at  8:38:48.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/20/2013 08:54:36 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (PID: 4180) [UP-HEUR]
 * C:\Users\Owner\AppData\Roaming\Google\Google Talk\googletalk.exe (PID: 4208) [UP-HEUR]
 * C:\Users\Owner\Desktop\AdwCleaner.exe (PID: 5012) [UP-HEUR]
 * C:\Users\Owner\Desktop\JRT.exe (PID: 4712) [UP-HEUR]
 
4 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\Owner\Desktop\rkill\rkill-02-20-2013-08-54-47.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 02/20/2013 08:54:59 AM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
 
 
 
 
 
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "HotKeysCmds"    "hkcmd Module"    "Intel Corporation"    "c:\windows\system32\hkcmd.exe"
+ "HPWirelessAssistant"    ""    ""    "c:\program files\hewlett-packard\hp wireless assistant\delayedappstarter.exe"
+ "IgfxTray"    "igfxTray Module"    "Intel Corporation"    "c:\windows\system32\igfxtray.exe"
+ "ISW"    "ZoneAlarm Browser Security"    "Check Point Software Technologies"    "c:\program files\checkpoint\zaforcefield\forcefield.exe"
+ "Persistence"    "persistence Module"    "Intel Corporation"    "c:\windows\system32\igfxpers.exe"
+ "SynTPEnh"    "Synaptics TouchPad Enhancements"    "Synaptics Incorporated"    "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AudioCommanderVista"    "Andrea Devices Audio Control"    "Andrea Electronics Corporation"    "c:\program files\andrea electronics\audiocommander\audiocommander.exe"
+ "AVG_UI"    "AVG User Interface"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "Conime"    ""    ""    "File not found: C:\Windows\system32\conime.exe"
+ "HP Software Update"    "hpwuSchd Application"    "Hewlett-Packard"    "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "VoiceCenter"    "Audio recording and playback"    "Andrea Electronics Corporation"    "c:\program files (x86)\andrea electronics\voicecenter\andreavc.exe"
+ "vProt"    "VProtect Application"    ""    "c:\program files (x86)\avg secure search\vprot.exe"
+ "ZoneAlarm"    "ZoneAlarm"    "Check Point Software Technologies LTD"    "c:\program files (x86)\checkpoint\zonealarm\zatray.exe"
"C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "EvernoteClipper.lnk"    "Evernote Clipper"    "Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041"    "c:\program files (x86)\evernote\evernote\evernoteclipper.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files (x86)\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "LightScribe Control Panel"    ""    "Hewlett-Packard Company"    "c:\program files (x86)\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "BDAB3CD44D7D45EEC58DB422F61BD03E74CADA2F._service_run"    "Google Chrome"    "Google Inc."    "c:\users\owner\appdata\local\google\chrome\application\chrome.exe"
+ "cdloader"    "magicJack (cdloader2)"    "magicJack L.P."    "c:\users\owner\appdata\roaming\mjusbsp\cdloader2.exe"
+ "Google Update"    "Google Installer"    "Google Inc."    "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "GoogleDriveSync"    "Google Drive"    "Google"    "c:\program files (x86)\google\drive\googledrivesync.exe"
+ "googletalk"    "Google Talk"    "Google"    "c:\users\owner\appdata\roaming\google\google talk\googletalk.exe"
+ "MusicManager"    "Music Manager"    "Google Inc."    "c:\users\owner\appdata\local\programs\google\musicmanager\musicmanager.exe"
+ "Sidebar"    "Windows Desktop Gadgets"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "linkscanner"    ""    ""    "File not found: C:\Program Files (x86)\AVG\AVG2012\avgppa.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "Zecter"    "ShellExt Dynamic Link Library"    "Versionate Inc."    "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Zecter"    "ShellExt Dynamic Link Library"    "Versionate Inc."    "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AVG Shell Extension"    "AVG Shell Extension"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "00Zecter"    "ShellExt Dynamic Link Library"    "Versionate Inc."    "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
+ "01Zecter"    "ShellExt Dynamic Link Library"    "Versionate Inc."    "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
+ "02Zecter"    "ShellExt Dynamic Link Library"    "Versionate Inc."    "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
+ "03Zecter"    "ShellExt Dynamic Link Library"    "Versionate Inc."    "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
+ "04Zecter"    "ShellExt Dynamic Link Library"    "Versionate Inc."    "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
+ "GDriveBlacklistedOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSharedOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncedOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncingOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "AVG Safe Search"    ""    ""    "File not found: C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll"
+ "Java™ Plug-In 2 SSV Helper"    ""    ""    "File not found: C:\Program Files\Java\jre6\bin\jp2ssv.dll"
+ "LastPass Browser Helper Object"    "LastPass Toolbar"    "LastPass"    "c:\program files (x86)\lastpass\lpbar64.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "ZoneAlarm Security Engine Registrar"    "ZoneAlarm Browser Security"    "Check Point Software Technologies"    "c:\program files\checkpoint\zaforcefield\trustchecker\bin\trustcheckerieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Safe Search"    ""    ""    "File not found: C:\Program Files (x86)\AVG\AVG2012\avgssie.dll"
+ "Bing Bar Helper"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\7.1.361.0\bingext.dll"
+ "HP Network Check Helper"    "HP Network Check IE Plug-in"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\hpnetworkcheckplugin.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "LastPass Browser Helper Object"    "LastPass Toolbar"    "LastPass"    "c:\program files (x86)\lastpass\lpbar.dll"
+ "Skype Browser Helper"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "ThumbnailsBHO Class"    "Thumbnails Dynamic Link Library"    ""    "c:\program files (x86)\xmarks\thumbnails for ie\xmarksthumbnails.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Zonealarm Helper Object"    ""    "Montera Technologeis LTD"    "c:\program files (x86)\check point software technologies ltd\zonealarm\1.5.20.3\bh\zonealarm.dll"
+ "ZoneAlarm Security Engine Registrar"    "ZoneAlarm Browser Security"    "Check Point Software Technologies"    "c:\program files\checkpoint\zaforcefield\wow64\trustchecker\bin\trustcheckerieplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "LastPass Toolbar"    "LastPass Toolbar"    "LastPass"    "c:\program files (x86)\lastpass\lpbar64.dll"
+ "ZoneAlarm Security Engine"    "ZoneAlarm Browser Security"    "Check Point Software Technologies"    "c:\program files\checkpoint\zaforcefield\trustchecker\bin\trustcheckerieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "Bing"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\7.1.361.0\bingext.dll"
+ "LastPass Toolbar"    "LastPass Toolbar"    "LastPass"    "c:\program files (x86)\lastpass\lpbar.dll"
+ "ZoneAlarm Security Engine"    "ZoneAlarm Browser Security"    "Check Point Software Technologies"    "c:\program files\checkpoint\zaforcefield\wow64\trustchecker\bin\trustcheckerieplugin.dll"
+ "ZoneAlarm Security Toolbar"    ""    "Montera Technologeis LTD"    "c:\program files (x86)\check point software technologies ltd\zonealarm\1.5.20.3\zonealarmtlbr.dll"
"HKCU\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "Xmarks for IE..."    "Xmarks for IE"    "Xmarks.com"    "c:\program files (x86)\xmarks\ie extension\xmarkssync.exe"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "LastPass"    "LastPass Toolbar"    "LastPass"    "c:\program files (x86)\lastpass\lpbar64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4"    ""    ""    "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "HP Network Check"    "NCLauncherFromIE"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\nclauncherfromie.exe"
+ "LastPass"    "LastPass Toolbar"    "LastPass"    "c:\program files (x86)\lastpass\lpbar.dll"
+ "Skype Click to Call"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler"    ""    ""    ""
+ "\Adobe Flash Player Updater"    "Adobe® Flash® Player Update Service 11.6 r602"    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1349691286-2269279888-4115724794-1001Core"    "Facebook Installer"    "Facebook Inc."    "c:\users\owner\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1349691286-2269279888-4115724794-1001UA"    "Facebook Installer"    "Facebook Inc."    "c:\users\owner\appdata\local\facebook\update\facebookupdate.exe"
+ "\Google Updater and Installer"    "Google Installer"    "Google Inc."    "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineCore"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1349691286-2269279888-4115724794-1001Core"    "Google Installer"    "Google Inc."    "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1349691286-2269279888-4115724794-1001UA"    "Google Installer"    "Google Inc."    "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask"    "UtilTask"    "Microsoft"    "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\utiltask.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Tuneup"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\Update Check"    "HPSFUpdater"    "Hewlett-Packard Company"    "c:\programdata\hewlett-packard\hp support framework\resources\updater7\hpsfupdater.exe"
+ "\HPCeeScheduleForOwner"    "HP Ceement"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Java Update Scheduler"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\PrintProjects Communicator"    ""    ""    "c:\programdata\printprojects\communicator.exe"
+ "\Registration"    "ESAdvRemIntegrator"    ""    "c:\program files (x86)\hewlett-packard\hp setup\remengine.exe"
+ "\{36BCBE88-68BF-4E2C-8AED-D0D2BF36C443}"    ""    ""    "File not found: G:\JDSecure\Windows\JDSecure20.exe"
+ "\{50B09E80-E171-4F39-96C2-32B072615DEA}"    ""    ""    "File not found: G:\JDSecure\Windows\JDSecure20.exe"
+ "\{5460C956-5D36-404D-A825-CD07C80DA415}"    ""    ""    "File not found: C:\Program Files (x86)\Skype\Phone\Skype.exe"
+ "\{5FF7F9A8-A2D0-47D3-8D5C-420A34EAA369}"    ""    ""    "File not found: C:\Windows\amcap.exe"
+ "\{7433F2AA-5FE3-493E-9182-47A96DFC6726}"    ""    ""    "File not found: C:\Windows\amcap.exe"
+ "\{A50DE00E-8FC1-469B-A1FD-BD9C915ACEB2}"    ""    ""    "File not found: C:\Windows\amcap.exe"
+ "\{A9C9D432-8A03-41F8-A7F7-A0D685BC428A}"    ""    ""    "File not found: C:\Windows\amcap.exe"
+ "\{D8E40115-2EB3-46B1-86D7-AB619A951687}"    ""    ""    "File not found: C:\Windows\amcap.exe"
+ "\{D9657D23-A821-49B4-BCC7-53D57B74D93D}"    ""    ""    "File not found: C:\Windows\amcap.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters"    "Andrea filters APO access service (64-bit)"    "Andrea Electronics Corporation"    "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "AVGIDSAgent"    "Provides Identity Protection Against Cyber Crime."    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd"    "AVG Watchdog Service"    "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "BBSvc"    "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar."    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\7.1.361.0\bbsvc.exe"
+ "BBUpdate"    "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar."    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\7.1.361.0\seaport.exe"
+ "cvhsvc"    "Client Virtualization Handler Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "GameConsoleService"    "GameConsole management services"    "WildTangent, Inc."    "c:\program files (x86)\hp games\hp game console\gameconsoleservice.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc"    "gusvc"    "Google"    "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HFGService"    "Enables wireless Bluetooth headsets to run on this computer. If this service is stopped or disabled, then Bluetooth headsets will not function properly on this machine."    "CSR, plc"    "c:\windows\system32\hfgservice.dll"
+ "HP Support Assistant Service"    "HP Support Assistant Service"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HP Wireless Assistant Service"    "This service monitors the wireless devices in this computer and allows the HP Wireless Assistant application to turn devices on and off."    "Hewlett-Packard Company"    "c:\program files\hewlett-packard\hp wireless assistant\hpwa_service.exe"
+ "HPClientSvc"    "HP Client Services"    "Hewlett-Packard Company"    "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "hpqwmiex"    "HP Software Framework WMI Service"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "HPWMISVC"    "HP Quick Launch WMI Service"    "Hewlett-Packard Development Company, L.P."    "c:\program files (x86)\hewlett-packard\hp quick launch\hpwmisvc.exe"
+ "IswSvc"    "ZoneAlarm Browser Security"    "Check Point Software Technologies"    "c:\program files\checkpoint\zaforcefield\iswsvc.exe"
+ "Kodak AiO Network Discovery Service"    "Kodak mDNS Network Discovery Service"    "Eastman Kodak Company"    "c:\program files (x86)\kodak\aio\center\ekaiohostservice.exe"
+ "Kodak AiO Status Monitor Service"    "Kodak Status Monitor SDK Service"    "Eastman Kodak Company"    "c:\program files (x86)\kodak\aio\statusmonitor\ekprintersdk.exe"
+ "LightScribeService"    "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work."    "Hewlett-Packard Company"    "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "McComponentHostService"    "McAfee Security Scan Component Host Service"    "McAfee, Inc."    "c:\program files (x86)\mcafee security scan\2.0.181\mcchsvc.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "NOBU"    "Norton Online Backup Service"    "Symantec Corporation"    "c:\program files (x86)\symantec\norton online backup\nobuagent.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"    "Office Software Protection Platform Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PnkBstrA"    "PunkBuster Service Component [v1032] http://www.evenbalance.com"    ""    "c:\windows\syswow64\pnkbstra.exe"
+ "PnkBstrB"    "PunkBuster Service Component [v2.202 WOLF] http://www.evenbalance.com"    ""    "c:\windows\syswow64\pnkbstrb.exe"
+ "RoxioNow Service"    "Windows Service App"    "Roxio"    "c:\program files (x86)\roxio\roxionow player\rnowsvc.exe"
+ "RtVOsdService"    "Realtek OSD Control"    "Realtek Semiconductor Corp."    "c:\program files\realtek\rtvosd\rtvosdservice.exe"
+ "sftlist"    "Streams and manages applications."    "Microsoft Corporation"    "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa"    "Monitors global service events and launches virtual services."    "Microsoft Corporation"    "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "vsmon"    "Monitors internet traffic and generates alerts for disallowed access."    "Check Point Software Technologies LTD"    "c:\program files (x86)\checkpoint\zonealarm\vsmon.exe"
+ "vToolbarUpdater14.2.0"    "ToolbarU Application"    ""    "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\14.2.0\toolbarupdater.exe"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "androidusb"    "ADB Interface"    "Google Inc"    "c:\windows\system32\drivers\ssadadb.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "AVGIDSDriver"    "AVG Technologies IDS Application Activity Monitor Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA"    "AVG Technologies IDS Application Activity Monitor Helper Driver"    "AVG Technologies CZ, s.r.o. "    "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64"    "AVG AVI Loader Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga"    "AVG Logging Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64"    "AVG Resident Shield Minifilter Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64"    "AVG Anti-Rootkit Driver"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia"    "AVG Network connection watcher"    "AVG Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp"    ""    "AVG Technologies"    "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "BthAudioHF"    "Bluetooth Hands-free Audio Service"    "CSR, plc"    "c:\windows\system32\drivers\bthaudiohf.sys"
+ "clwvd"    ""    ""    "File not found: system32\DRIVERS\clwvd.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor"    "Intel Rapid Storage Technology driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "igfx"    "Intel Graphics Kernel Mode Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"
+ "ISWKL"    "ZoneAlarm Browser Security"    "Check Point Software Technologies"    "c:\program files\checkpoint\zaforcefield\iswkl.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "netr28x"    "Ralink 802.11 Wireless Adapter Driver"    "Ralink Technology, Corp."    "c:\windows\system32\drivers\netr28x.sys"
+ "netw5v64"    "Intel® Wireless WiFi Link Driver"    "Intel Corporation"    "c:\windows\system32\drivers\netw5v64.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167"    "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "    "Realtek                                            "    "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA"    "HSF_HWAZL WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstcnxt6.sys"
+ "ssadbus"    "SAMSUNG Android USB Composite Device Driver"    "MCCI Corporation"    "c:\windows\system32\drivers\ssadbus.sys"
+ "ssadmdfl"    "SAMSUNG Android USB Modem (Filter)"    "MCCI Corporation"    "c:\windows\system32\drivers\ssadmdfl.sys"
+ "ssadmdm"    "SAMSUNG Android USB Modem Drivers"    "MCCI Corporation"    "c:\windows\system32\drivers\ssadmdm.sys"
+ "sscdbus"    "SAMSUNG USB Composite Device Driver"    "MCCI Corporation"    "c:\windows\system32\drivers\sscdbus.sys"
+ "sscdmdfl"    "SAMSUNG Mobile Modem Filter"    "MCCI Corporation"    "c:\windows\system32\drivers\sscdmdfl.sys"
+ "sscdmdm"    "SAMSUNG Mobile Modem Drivers"    "MCCI Corporation"    "c:\windows\system32\drivers\sscdmdm.sys"
+ "StarOpen"    ""    ""    "File not found: C:\Windows\System32\Drivers\StarOpen.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP"    "Synaptics Touchpad Driver"    "Synaptics Incorporated"    "c:\windows\system32\drivers\syntp.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "Vsdatant"    "Zone Alarm Firewall Driver"    "Check Point Software Technologies LTD"    "c:\windows\system32\drivers\vsdatant.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7"    "Miniport Driver for Marvell Yukon Ethernet Controller."    "Marvell"    "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "LAME MPEG Layer III Audio Encoder"    ""    ""    "c:\windows\syswow64\lame_dshow.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "AEWave"    ""    ""    "c:\windows\syswow64\aewave.ax"
+ "Audio Destination"    "WAVDest Filter (Sample)"    "Microsoft Corporation"    "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (PDVD9)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claud.ax"
+ "CyberLink Audio Decoder(PDVD9 UPnP)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\upnp\claud.ax"
+ "CyberLink Audio Effect (PDVD9)"    "CyberLink Audio Effect Filter"    "CyberLink Corporation"    "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudfx.ax"
+ "CyberLink Audio Noise Reduction"    "CLAuNR"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler"    "CLAuRsmpl.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD9)"    "CLAudSpa.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudspa.ax"
+ "CyberLink Audio Spectrum Analyzer(PDVD9 UPnP)"    "CLAudSpa.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\upnp\claudspa.ax"
+ "CyberLink Audio VolumeBooster"    "CyberLink Audio Volume Booster Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink Audio Wizard"    "CyberLink Audio Wizard Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter (PDVD9)"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudiocd.ax"
+ "CyberLink Demultiplexer(PDVD9 UPnP)"    "MPEG-2 Dempltiplexer"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\upnp\cldemuxer.ax"
+ "Cyberlink Demuxer 2.0"    "CLDemuxer2"    "Cyberlink"    "c:\program files (x86)\cyberlink\powerdvd9\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD9)"    "DigestFilter Dynamic Link Library"    ""    "c:\program files (x86)\cyberlink\powerdvd9\digestfilter.dll"
+ "Cyberlink Dump Dispatch Filter"    "Cyberlink File Dump Dispatch Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter"    "Cyberlink File Dump Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DVD Navigator (PDVD9)"    "CyberLink DVD Navigation Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)"    "CES Kernel"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)"    "Cyberlink MPEG File Reader"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink FLV Splitter (PDVD9)"    "CyberLink FLV Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clflvsplitter.ax"
+ "CyberLink HAM Decoder"    "CyberLink 264 Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clcvd.ax"
+ "CyberLink HD/BD Mixer (PDVD9)"    "CLHBMixer"    " "    "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD9)"    "CyberLink Line21 Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clline21.ax"
+ "CyberLink Load Image Filter"    "CLImage"    "CyberLink"    "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer"    "CLM2VWriter"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink Matroska Splitter (PDVD9)"    "CyberLink Matroska Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clmkvsplter.ax"
+ "CyberLink MP3/WAV Wrapper"    "CyberLink MP3 Wrapper"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer"    "MpgMux"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\upnp\clsplter.ax"
+ "CyberLink MPEG Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clsplter.ax"
+ "CyberLink MPEG Video Encoder"    "CyberLink MPEG Video Encoder                               "    "CyberLink Corp.                                            "    "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD9)"    "CyberLink MPEG-4 Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clm4splt.ax"
+ "CyberLink PCM Wrapper"    "CyberLink PCM Wrapper"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink Push-Mode CLStream(PDVD9)"    "CLStream"    "CyberLink"    "c:\program files (x86)\cyberlink\powerdvd9\upnp\clstream(pushmode).ax"
+ "CyberLink RealAudio Decoder (PDVD9)"    "CyberLink RealMedia Audio Decoder"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter (PDVD9)"    "CyberLink RealMedia Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder (PDVD9)"    "CyberLink RealMedia Video Decoder"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clrmvd.ax"
+ "CyberLink Streamming Filter(PDVD9)"    "Cyberlink Streaming Source Filter(Scramble)"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\upnp\clstream.ax"
+ "Cyberlink SubTitle Importor (PDVD9)"    "CLSubTitle.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clsubtitle.ax"
+ "Cyberlink SubTitle Importor 2.0"    "CLSubTitle.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (CES)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TimeStretch Filter (PDVD9)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clauts.ax"
+ "CyberLink TL MPEG Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Tzan Filter (PDVD9)"    "Cyberlink Tzan Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\videofilter\cltzan.ax"
+ "CyberLink Video Decoder (PDVD9)"    "CyberLink 264 Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clcvd.ax"
+ "CyberLink Video Effect"    "CLVidFx"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator"    "CLRGL"    "Cyberlink"    "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer"    "CLVideoDeShaking"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (PDVD9)"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clvsd.ax"
+ "CyberLink Video/SP Decoder(PDVD9 UPnP)"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd9\upnp\clvsd.ax"
+ "CyberLink WMV/WMA Demux(PDVD9)"    "WMV/WMA Demux"    "CyberLink"    "c:\program files (x86)\cyberlink\powerdvd9\upnp\clwmfdemux.ax"
+ "FunBox Audio Codec Filter"    "FunBox Audio Codec Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funaudiocodecfilter.ax"
+ "FunBox Audio EQ Filter"    "FunBox Audio Equalizer Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funeqfilter.ax"
+ "FunBox Avi Source"    "Avi Splitter"    "Gabest"    "c:\program files (x86)\samsung\samsung pc studio 3\funavisplitter.ax"
+ "FunBox Avi Splitter"    "Avi Splitter"    "Gabest"    "c:\program files (x86)\samsung\samsung pc studio 3\funavisplitter.ax"
+ "FunBox Conversion Filter"    "FunBox Conversion Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funconvfilter.ax"
+ "FunBox Image Decoder Filter"    "FunImgFilter Dynamic Link Library"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funimgfilter.ax"
+ "FunBox Mp3 Decoder Filter"    "FunBox MP3 Decoder Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funmp3decfilter.ax"
+ "FunBox MPEG Decoder Filter"    "FunBox Decoder Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\fundecfilter.ax"
+ "FunBox MPEG Encoder Filter"    "FunBox Encoder Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funencfilter.ax"
+ "FunBox Mpg Decoder Filter"    "FunMpgDecFilter Dynamic Link Library"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funmpgdecfilter.ax"
+ "FunBox Mpg Grab Filter"    "FunMpgGrabFilter Dynamic Link Library"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funmpggrabfilter.ax"
+ "FunBox Ogg Decoder Filter"    "FunOggDecFilter Dynamic Link Library"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funoggdecfilter.ax"
+ "FunBox Sample Grabber Filter"    "FunBox SampleGrabber Filter"    "MobileLeader"    "c:\program files (x86)\samsung\samsung pc studio 3\funsamplegrabberfilter.ax"
+ "FunBox Subtitle Filter"    "FunBox Subtitle Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funsubfilter.ax"
+ "FunBox Video Adjust Filter"    "FunBox Video Adjust Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funvideoadjustfilter.ax"
+ "FunBox Video Codec Filter"    "FunBox Video Codec Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funvideocodecfilter.ax"
+ "FunBox Video Resize Filter"    "FunBox Video Resize Filter"    "Mobile Leader"    "c:\program files (x86)\samsung\samsung pc studio 3\funvideoresizefilter.ax"
+ "LAME MPEG Layer III Audio Encoder"    ""    ""    "c:\windows\syswow64\lame_dshow.ax"
+ "MS PR Source Filter"    "PlayReady DirectShow Source Filter DLL"    "Microsoft Corporation"    "c:\program files (x86)\playready\prsource.dll"
+ "P2G Audio Decoder"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder"    "CyberLink Audio Encoder Filter"    "Cyberlink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator"    "CyberLink Video Regulator"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "PlayReady DMO Wrapper"    "PlayReady DirectShow DMO Wrapper Filter DLL"    "Microsoft Corporation"    "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SubPicture Filter"    "SubPictu ?? ?? ?????"    ""    "c:\program files (x86)\samsung\samsung pc studio 3\dexsubpicturefilter.dll"
+ "WAV Dest"    "WAVDest Filter (Sample)"    "Microsoft Corporation"    "c:\program files (x86)\samsung\samsung pc studio 3\wavdest.ax"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "igfxcui"    "igfxdev Module"    "Intel Corporation"    "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "HP 8811 Status Monitor"    "Print Status Language Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpinksts8811lm.dll"
+ "KODAK EASYSHARE All-in-One Printer"    "Language Monitor for KODAK AiO Printer (64-Bit AMD Athlon™/Opteron™ Build)"    "Eastman Kodak Company"    "c:\windows\system32\ekij5000mon.dll"
"C:\Users\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"    ""    ""    ""
+ "All Search"    "All Search support multi-language, search results in flyout or in new window, auto update notification and 10 different search included Google, Yahoo, Bing, Maps, Amazon, Wikipedia, YouTube, Dictionary, Weather and News."    "CK"    "C:\Users\Owner\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_Search_V3.1.gadget\Gadget.xml"
+ "Calendar"    "Browse the days of the calendar."    "Microsoft Corporation"    "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
 
 
 
 
 Thank you again!


#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:37 AM

Posted 20 February 2013 - 09:47 AM

Please run malwarebytes again and post the clean log

 

Launch Adware cleaner and select DELETE option,post the generated log

 

Let me know how system behaves after both these scans.



#9 nfaulky1

nfaulky1
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 20 February 2013 - 10:12 AM

'Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.02.20.01
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: COMPUTER [administrator]
 
2/20/2013 9:49:57 AM
mbam-log-2013-02-20 (09-49-57).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 307008
Time elapsed: 8 minute(s), 30 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 
 Computer is MUCH faster , thank you!!
 
 
 
 
# AdwCleaner v2.112 - Logfile created 02/20/2013 at 10:01:18
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Owner - COMPUTER
# Boot Mode : Normal
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\ProgramData\{08E30618-5D06-461B-BBD3-4ADFB0810824}
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\CAMP LEJEUNE\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\CAMP LEJEUNE\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\CAMP LEJEUNE\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\GRAMMA\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\GRAMMA\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\GRAMMA\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Jackson\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Jackson\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Jackson\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Jackson\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Owner\AppData\Local\APN
Folder Deleted : C:\Users\Owner\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Owner\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Searchqutoolbar
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16464
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v18.0.2 (en-US)
 
File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wus0k8ht.default\prefs.js
 
[OK] File is clean.
 
File : C:\Users\Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\igsnt4e5.default\prefs.js
 
[OK] File is clean.
 
File : C:\Users\GRAMMA\AppData\Roaming\Mozilla\Firefox\Profiles\kgy6e43u.default\prefs.js
 
[OK] File is clean.
 
File : C:\Users\CAMP LEJEUNE\AppData\Roaming\Mozilla\Firefox\Profiles\qz3vvfd6.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v24.0.1312.57
 
File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Jackson\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\GRAMMA\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\CAMP LEJEUNE\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [18098 octets] - [20/02/2013 08:17:26]
AdwCleaner[S1].txt - [12375 octets] - [20/02/2013 10:01:18]
 
########## EOF - C:\AdwCleaner[S1].txt - [12436 octets] ##########


#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:37 AM

Posted 20 February 2013 - 10:13 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users