schuylardavis

Members
  • Content Count

    10
  • Joined

  • Last visited

About schuylardavis

  • Rank
    Member
  1. All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{48A033D5-903E-499C-807F-A547AB362F60}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48A033D5-903E-499C-807F-A547AB362F60}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A98906A2-0813-4BAF-B8DD-8FA8F6179FF7}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A98906A2-0813-4BAF-B8DD-8FA8F6179FF7}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B9D086B0-40FA-4739-809D-62D49BFDFFDC}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9D086B0-40FA-4739-809D-62D49BFDFFDC}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DB31EAD7-A659-40C8-ADAF-20A574BAE7FA}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB31EAD7-A659-40C8-ADAF-20A574BAE7FA}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{48A033D5-903E-499C-807F-A547AB362F60}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48A033D5-903E-499C-807F-A547AB362F60}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A98906A2-0813-4BAF-B8DD-8FA8F6179FF7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A98906A2-0813-4BAF-B8DD-8FA8F6179FF7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DB31EAD7-A659-40C8-ADAF-20A574BAE7FA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB31EAD7-A659-40C8-ADAF-20A574BAE7FA}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found. HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found. HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-4074173974-1843628595-4201501626-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found. HKEY_USERS\S-1-5-21-4074173974-1843628595-4201501626-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-4074173974-1843628595-4201501626-1000\Software\Microsoft\Internet Explorer\SearchScopes\{48A033D5-903E-499C-807F-A547AB362F60}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48A033D5-903E-499C-807F-A547AB362F60}\ not found. Registry key HKEY_USERS\S-1-5-21-4074173974-1843628595-4201501626-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A98906A2-0813-4BAF-B8DD-8FA8F6179FF7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A98906A2-0813-4BAF-B8DD-8FA8F6179FF7}\ not found. Registry key HKEY_USERS\S-1-5-21-4074173974-1843628595-4201501626-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DB31EAD7-A659-40C8-ADAF-20A574BAE7FA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB31EAD7-A659-40C8-ADAF-20A574BAE7FA}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{a0154e07-2b48-475c-a82a-80efd84ea33e} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0154e07-2b48-475c-a82a-80efd84ea33e}\ not found. Registry value HKEY_USERS\S-1-5-21-4074173974-1843628595-4201501626-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found. Registry value HKEY_USERS\S-1-5-21-4074173974-1843628595-4201501626-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A0154E07-2B48-475C-A82A-80EFD84EA33E} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0154E07-2B48-475C-A82A-80EFD84EA33E}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview not found. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully. File Protocol\Handler\livecall - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. File Protocol\Handler\ms-help - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully. File Protocol\Handler\msnim - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully. File Protocol\Handler\skype4com - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully. File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully. File Protocol\Handler\wlmailhtml - No CLSID value found not found. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Default User: Default User User: Public User: Schuylar ->Java cache emptied: 4259355 bytes Total Java Files Cleaned = 4.00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Public User: Schuylar ->Flash cache emptied: 108137 bytes Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: Schuylar ->Temp folder emptied: 263829619 bytes ->Temporary Internet Files folder emptied: 568278367 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 97424388 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 935611472 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78301395 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 757 bytes RecycleBin emptied: 337228 bytes Total Files Cleaned = 1,854.00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 11082013_214609 Files\Folders moved on Reboot... C:\Users\Schuylar\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YYMB435I\34433-help[4].htm moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0LJK69G\ads[6].htm moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UEEAN892\2q6dNtNfG1YHziVjQ1hUSA[1].woff moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UEEAN892\sNpRL69iYnSa-pHm90cZTA[1].woff moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LU49083P\postmessageRelay[1].htm moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LU49083P\zrt_lookup[1].htm moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F3TJQTB0\xd_arbiter[1].htm moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DR5ANVBJ\ads[8].htm moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3BMGLVUK\xd_arbiter[1].htm moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\18OVE1TP\fastbutton[1].htm moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\18OVE1TP\like[1].htm moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully. C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...
  2. OTL Extras logfile created on: 11/3/2013 12:03:32 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Schuylar\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16686) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 53.51% Memory free 7.60 Gb Paging File | 5.38 Gb Available in Paging File | 70.81% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 449.41 Gb Total Space | 380.89 Gb Free Space | 84.75% Space Free | Partition Type: NTFS Drive D: | 16.05 Gb Total Space | 2.32 Gb Free Space | 14.43% Space Free | Partition Type: NTFS Computer Name: SCHUYLAR-HP | User Name: Schuylar | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-4074173974-1843628595-4201501626-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{13C05E94-C3B3-47ED-94EF-6FC13C69DE1A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1C4D8957-574D-4FCB-A8B0-78208A8326BE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1F934C7F-0C59-450F-8BBA-67E88AEFE8EE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1FBD9DE1-01B7-4F52-99A7-F376062A8F42}" = lport=445 | protocol=6 | dir=in | app=system | "{2B301B23-29A9-467A-A2AA-61C1303D1C69}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2DDCFD7A-1F3B-4533-98E9-5992EC2371C3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{330769CE-8CCD-4336-A1D2-9F0F85936343}" = lport=137 | protocol=17 | dir=in | app=system | "{3A9C2319-652D-4EF2-953B-8EC2FCFDBDE9}" = lport=139 | protocol=6 | dir=in | app=system | "{3B8EDE94-9A83-4A07-B67F-FA2AF874ED7C}" = lport=10243 | protocol=6 | dir=in | app=system | "{48EDA57D-3733-4A26-96AD-277493928545}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4B133A80-D54C-4CA0-B76C-D1FD70C56597}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4D6DDEDC-A090-4DDE-884C-626D245A39DE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5D346881-0010-477E-8974-3C369AC37A05}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{67DDE84E-4B69-49A8-B59F-CC2209B647C9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{692BA3DB-D741-4A08-934B-3553619A0FC2}" = rport=445 | protocol=6 | dir=out | app=system | "{6FFBA473-458D-47F0-B6D4-F93FD8BC0A7B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7178C822-5E6A-4879-82ED-6F0D20C8B0C1}" = rport=138 | protocol=17 | dir=out | app=system | "{823EB4CD-7FCC-4968-9271-4D25E7301CF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8637B547-3FB1-4091-8638-93832CBB9506}" = lport=2869 | protocol=6 | dir=in | app=system | "{8F655F84-E9D7-4BF5-90FE-C5A01F53BAE2}" = lport=138 | protocol=17 | dir=in | app=system | "{933F6D97-FF11-4916-92B0-04B2C902ABF2}" = rport=139 | protocol=6 | dir=out | app=system | "{94034794-6651-4544-BCB7-66C055ECF250}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{967E4C84-0936-405A-9CE5-1A0F57F5D99A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9A51A9A3-B9BF-4356-B621-BA85FA8989C1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{9B01FBBF-FE8A-4A2C-A9B0-6994AF051172}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{AAD0EBDF-E149-4D75-8ACD-68FB10974AD8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{B8C3EA2E-9D11-4C21-822C-608E0EB63902}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{BA5E7C10-3D6E-46BF-96D5-8D6648D337B5}" = rport=10243 | protocol=6 | dir=out | app=system | "{C0FA52B5-6BDB-4392-960A-5416F28A6C97}" = lport=2869 | protocol=6 | dir=in | app=system | "{CB9D7580-67E5-4795-850A-494E65BBE8CB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CC2BE57C-5ABC-4BCB-8F62-FA9201301466}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E5F62CB0-DEBB-4B69-82F1-A6349939D488}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{E8F15884-2A60-44D1-B29A-4B249542C895}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EEF1C8AE-0C52-427B-8DAE-EB69005494DC}" = rport=137 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00F8ABCB-33EC-4CF3-ACE6-237C6F327C49}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe | "{0B7B8E0B-4D69-426E-9BFC-B0B5F489922D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{0D073570-F88C-45EE-B128-22D779374C88}" = protocol=1 | dir=in | [email protected],-28543 | "{19CE3788-3869-4B53-A758-934C64A2CD34}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1EC6F93F-96F0-494F-B6BB-17B316CE6C13}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{1FDBA561-EA69-49E7-B099-EFA4FF1A82E7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{2441A804-3AE5-408B-9BBF-433617AF185E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{27C77B2D-BE97-4B3A-A139-E8795E5983F4}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | "{291B0ED0-1ECA-499B-BB58-CD9035F0CF92}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgam.exe | "{31A81955-C070-45B0-8B7E-636953A349F4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{3533E213-BF1F-4DB9-BF56-9A85F61C5363}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{3A523B63-04FD-45EB-AE1E-6D18EEB27B0B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | "{3D358C33-8F03-466F-8E6B-5AF37CD4312A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{437C5330-F48F-46EA-AE10-7E6863EEAD63}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{4864A0AC-28D3-4582-859B-CC363B0AFBA2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{4A15755E-F895-4627-B628-81B83D7862E7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4B88F95A-E457-4F93-B173-BDC43A50EE25}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | "{4C83045F-7442-47C9-AAEE-43FBE5721740}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{4F187A82-6824-41A8-B1C9-7C69B14FD910}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgam.exe | "{4F8C8074-A764-4273-90AA-421FF9D299CA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{516FDC22-804D-42CC-8FFC-24D96ADC8B67}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{55DB6F0B-C02A-4FF7-9810-0D58EDED4E94}" = dir=in | app=c:\users\schuylar\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{563C0F1D-1D42-49C0-A43F-9531786FC761}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{59A241E4-67E5-47A7-8603-EBDA6209B164}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{5DB5B91A-3CA6-4368-A2CC-E7F3F35BCD76}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{62B897FE-41C8-4B10-BF25-0CB1003999D6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{650DCD98-612F-4480-9FBE-F30AF27EB7ED}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{66CB2FDF-6708-46C6-AFC7-0B848035E735}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{69FCB217-919C-44C3-972C-0AEBC1DDD6CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6BEE2492-7B12-411B-B7B2-0B59CC8E72AF}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{6D330B20-77EA-4404-BBA9-5225AEB25D70}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{748FBB53-00DC-4781-811A-6706C23926A0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{74C17320-EE27-4714-AF4D-C6FC98E1C9C6}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe | "{7CDC011C-9CC4-4E2A-88B9-C5E833905875}" = protocol=6 | dir=out | app=system | "{7D2F2228-B191-4D82-9C04-ED8765DE2DA6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{8091681B-BFE7-4DDA-A96B-AF803343CBA6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | "{84CA3B30-0B34-45F2-8FCD-1C214EE66FE3}" = protocol=58 | dir=in | [email protected],-28545 | "{887140C5-B97A-421C-97F0-7A9E85937E9B}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe | "{8BA3E5AB-F261-481A-AA55-011234D7362F}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | "{8EFC17FA-88AC-4EBF-BC71-1E829AA14B12}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{99FAA3E7-E0E0-4EB6-82A3-AA9AA6B794AA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{A6438561-DB97-4BA0-86BE-6343E0F3C7EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A77ED56A-2C42-4EC6-BB45-4D7D845CE129}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | "{B068E95B-1565-454D-975F-FB64F9F6A604}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{B29F812B-43F0-467A-8F85-7F300826E383}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B5930863-18C0-40FF-8D62-06E57AD73544}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B8C06688-8CE8-4820-BF62-B32E3BCFACE3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BED46E8F-40DB-4DF4-A50A-2FD47AA79213}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C901538C-1C37-4A85-88F0-F69FCC8C9122}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D086CACB-7329-4FB6-8301-F98F93423161}" = protocol=58 | dir=out | [email protected],-28546 | "{D24534DE-816D-458D-94ED-9C06CF694FBD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{D7873D6F-CB74-49E2-903B-FD599BB5C2F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D9AF730C-F149-404D-9385-96199E59A2E7}" = protocol=1 | dir=out | [email protected],-28544 | "{E36646C6-63E3-4D38-B960-A08181574134}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{E65BDA04-1811-46B5-B4AE-428BE64C602F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{EEFEC31E-BBC0-477C-81E1-1D79644A1F35}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe | "{EF806B27-DD71-45AF-B1C6-B38428824EAE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{F9063AB5-9601-4CB4-961E-774A94BB9E17}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{FDD2E412-8875-4DDD-8ADD-C9FDBE278196}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{FE221DAA-DCD8-48D8-8877-F62C299DD4FF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FFA5B56C-56DC-47AA-ADE8-788C3E30B900}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "TCP Query User{EADC60F4-E0B7-4805-B84E-3C60A09F4DC5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "TCP Query User{F06A354D-90D0-4BD2-8CC9-044894775256}C:\program files (x86)\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | "UDP Query User{292536C3-6D32-4568-9FA9-5196DFD33BBD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{565D8C72-77BC-4E49-95DC-3F4E57EAD697}C:\program files (x86)\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit) "{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{68554FC7-CB3A-4B8B-ABDF-5125794FE98E}" = AVG 2011 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant "{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}" = RtVOsd "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F73A118B-8271-47E2-8790-0C636B2539C5}" = iTunes "{FA7CA780-6612-43AF-A40F-72ABA4035BF8}" = AVG 2011 "AVG" = AVG 2011 "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0 "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skypeâ„¢ 6.6 "{4F74D585-BCDB-4316-80FC-264E5B8E883E}" = HP Software Framework "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{69ABD67D-5C2E-4724-B519-695DEF3EC23B}" = HP Documentation "{69B02159-7620-4DBB-B9EE-F933039830AD}" = QuickBooks Simple Start Edition "{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0 "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5 "{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US) "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.1 MUI "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D322A9E3-758B-4D60-A7C4-65C88FD378D0}" = Bing Bar "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "FrostWire" = FrostWire 4.21.3 "FrostWire 5" = FrostWire 5.3.8 "Google Chrome" = Google Chrome "HP Photo Creations" = HP Photo Creations "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "Office14.SingleImage" = Microsoft Office Home and Student 2010 "TotalRecipeSearch_14bar Uninstall" = TotalRecipeSearch "TuneUp Utilities 2012" = TuneUp Utilities 2012 "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite_Wave3" = Windows Live Essentials "WT087328" = Blackhawk Striker 2 "WT087335" = Build-a-lot 2 "WT087342" = Dora's Carnival Adventure "WT087360" = Escape Rosecliff Island "WT087361" = FATE "WT087362" = Final Drive Nitro "WT087372" = Heroes of Hellas 2 - Olympia "WT087373" = Jewel Quest 3 "WT087379" = Jewel Quest Solitaire 2 "WT087394" = Penguins! "WT087395" = Poker Superstars III "WT087396" = Polar Bowler "WT087397" = Polar Golfer "WT087414" = Virtual Families "WT087415" = Wheel of Fortune 2 "WT087428" = Bejeweled 2 Deluxe "WT087453" = Chuzzle Deluxe "WT087501" = Plants vs. Zombies "WT087513" = Virtual Villagers - The Secret City "WT087533" = Zuma Deluxe "WT087536" = Diner Dash 2 Restaurant Rescue ========== Last 20 Event Log Errors ========== [ Hewlett-Packard Events ] Error - 3/7/2013 11:10:19 PM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201303072010.xml'. mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 3/10/2013 3:19:26 PM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201303101319.xml'. mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 4/26/2013 3:27:51 AM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201304260127.xml'. mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 4/29/2013 12:54:06 AM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201304282254.xml'. mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 5/5/2013 7:07:14 PM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = Error - 5/5/2013 7:10:01 PM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201305051710.xml'. mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 6/24/2013 2:12:07 AM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201306240012.xml'. mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 7/31/2013 11:53:34 PM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201307312153.xml'. mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 8/13/2013 12:38:22 AM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201308122238.xml'. mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 9/15/2013 10:05:44 PM | Computer Name = Schuylar-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201309152005.xml'. mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() [ HP Wireless Assistant Events ] Error - 1/3/2011 12:32:07 AM | Computer Name = Schuylar-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 1/3/2011 12:33:15 AM | Computer Name = Schuylar-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 1/3/2011 12:34:22 AM | Computer Name = Schuylar-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 1/3/2011 12:35:30 AM | Computer Name = Schuylar-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 1/3/2011 12:36:38 AM | Computer Name = Schuylar-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 1/3/2011 12:37:45 AM | Computer Name = Schuylar-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 1/3/2011 12:38:53 AM | Computer Name = Schuylar-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 1/3/2011 12:40:01 AM | Computer Name = Schuylar-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 4/29/2013 2:51:06 PM | Computer Name = Schuylar-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException Call was canceled by the message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize() at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at HPPA_Service.CurrentConfiguration.ApplyFriendlyNames() at HPPA_Service.CurrentConfiguration.ReloadRadioList() Error - 7/18/2013 7:51:39 PM | Computer Name = Schuylar-HP | Source = HP WA Application | ID = 0 Description = System.Exception HardwareAccess hasn't been instantiated properly. at PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme) [ System Events ] Error - 10/31/2013 12:54:01 AM | Computer Name = Schuylar-HP | Source = Service Control Manager | ID = 7000 Description = The vToolbarUpdater15.5.0 service failed to start due to the following error: %%2 Error - 10/31/2013 1:57:19 AM | Computer Name = Schuylar-HP | Source = DCOM | ID = 10016 Description = [ TuneUp Events ] Error - 7/24/2013 7:26:04 PM | Computer Name = Schuylar-HP | Source = TuneUp.UtilitiesSvc | ID = 300 Description = < End of report >
  3. OTL logfile created on: 11/3/2013 12:03:32 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Schuylar\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16686) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 53.51% Memory free 7.60 Gb Paging File | 5.38 Gb Available in Paging File | 70.81% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 449.41 Gb Total Space | 380.89 Gb Free Space | 84.75% Space Free | Partition Type: NTFS Drive D: | 16.05 Gb Total Space | 2.32 Gb Free Space | 14.43% Space Free | Partition Type: NTFS Computer Name: SCHUYLAR-HP | User Name: Schuylar | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/11/03 00:02:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Schuylar\Downloads\OTL.scr PRC - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2012/08/01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe PRC - [2012/05/29 20:44:54 | 000,118,112 | ---- | M] (TuneUp Software) -- C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoUpdateCheck.exe PRC - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe PRC - [2010/07/02 12:51:16 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2010/07/02 12:48:24 | 000,602,680 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe PRC - [2010/05/21 02:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe PRC - [2010/04/13 10:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/04/13 10:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe ========== Modules (No Company Name) ========== MOD - [2013/09/20 19:05:43 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll MOD - [2013/09/20 19:05:40 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\a65a89dc687715adf46de23e717b842b\IAStorUtil.ni.dll MOD - [2013/09/20 18:02:40 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll MOD - [2013/09/20 18:02:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll MOD - [2013/09/20 18:02:13 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll MOD - [2013/09/20 18:01:42 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\930e99b2f62cea8c4aa070527d15f748\PresentationFramework.ni.dll MOD - [2013/09/20 18:00:33 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll MOD - [2013/09/20 17:59:55 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll MOD - [2013/09/20 17:59:45 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\585b8f6cc7ba86886462d0dc9753c98f\PresentationCore.ni.dll MOD - [2013/09/20 17:58:42 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll MOD - [2013/09/20 17:58:07 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll MOD - [2013/09/20 17:57:52 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll MOD - [2013/09/20 17:57:40 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll MOD - [2013/09/13 19:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2013/09/13 19:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2013/07/31 22:24:56 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll MOD - [2013/07/31 22:20:18 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe MOD - [2010/11/04 19:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010/07/15 15:59:11 | 000,122,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll MOD - [2010/05/19 11:05:58 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2010/05/19 11:05:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2010/05/19 11:05:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2010/02/09 19:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll MOD - [2010/02/09 19:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll MOD - [2010/02/09 19:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll MOD - [2010/02/09 19:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll MOD - [2010/02/09 19:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll MOD - [2010/02/09 19:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll MOD - [2010/02/09 19:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll MOD - [2010/02/09 19:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll ========== Services (SafeList) ========== SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2010/06/18 17:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV:64bit: - [2010/06/17 16:54:20 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService) SRV:64bit: - [2009/11/17 20:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV - [2013/10/30 12:43:39 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate) SRV - [2013/07/23 02:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc) SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2013/06/21 10:13:12 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/05/29 20:46:48 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011/11/10 07:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd) SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010/07/02 12:51:16 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2010/06/01 16:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010/05/21 02:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service) SRV - [2010/04/13 10:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 13:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/03/18 13:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/09/06 19:54:23 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp) DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/11/12 05:47:46 | 000,312,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/05/27 19:05:26 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH) DRV:64bit: - [2011/02/10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 03:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/10/09 04:12:18 | 003,063,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010/05/31 13:46:50 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/04/15 21:26:28 | 000,319,536 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010/04/13 10:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/02/03 08:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2009/09/22 19:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/19 20:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 15:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009/06/10 14:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009/06/10 14:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2012/05/08 15:21:42 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010/02/10 14:31:32 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/10/09 03:31:17] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD}) DRV - [2009/09/22 19:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A98906A2-0813-4BAF-B8DD-8FA8F6179FF7} IE:64bit: - HKLM\..\SearchScopes\{48A033D5-903E-499C-807F-A547AB362F60}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl IE:64bit: - HKLM\..\SearchScopes\{A98906A2-0813-4BAF-B8DD-8FA8F6179FF7}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{B9D086B0-40FA-4739-809D-62D49BFDFFDC}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{DB31EAD7-A659-40C8-ADAF-20A574BAE7FA}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{48A033D5-903E-499C-807F-A547AB362F60}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl IE - HKLM\..\SearchScopes\{A98906A2-0813-4BAF-B8DD-8FA8F6179FF7}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{DB31EAD7-A659-40C8-ADAF-20A574BAE7FA}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1 IE - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://free.avg.com/ww.homepage-tlbrf IE - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\..\SearchScopes,DefaultScope = {A98906A2-0813-4BAF-B8DD-8FA8F6179FF7} IE - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\..\SearchScopes\{48A033D5-903E-499C-807F-A547AB362F60}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl IE - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\..\SearchScopes\{A98906A2-0813-4BAF-B8DD-8FA8F6179FF7}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\..\SearchScopes\{DB31EAD7-A659-40C8-ADAF-20A574BAE7FA}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@TotalRecipeSearch_14.com/Plugin: C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll File not found FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Schuylar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_14.com: C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2013/04/12 22:28:18 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - homepage: http://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: TotalRecipeSearch Plugin Stub (Enabled) = C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Schuylar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll File not found O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" File not found O3 - HKLM\..\Toolbar: (no name) - {a0154e07-2b48-475c-a82a-80efd84ea33e} - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.) O3 - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000\..\Toolbar\WebBrowser: (no name) - {A0154E07-2B48-475C-A82A-80EFD84EA33E} - No CLSID value found. O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000..\Run: [Facebook Update] C:\Users\Schuylar\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-4074173974-1843628595-4201501626-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe () O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\.DEFAULT..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-18..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Schuylar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk = C:\Program Files (x86)\FrostWire 5\FrostWire.exe (FrostWire) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDD659A7-35E2-48EE-A982-A239D42653BA}: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013/02/24 22:41:39 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O33 - MountPoints2\{02c2490f-5a73-11e0-b2f6-c995743c1ea0}\Shell - "" = AutoRun O33 - MountPoints2\{02c2490f-5a73-11e0-b2f6-c995743c1ea0}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{84e4779a-16c2-11e1-95e2-f222eb834bbf}\Shell - "" = AutoRun O33 - MountPoints2\{84e4779a-16c2-11e1-95e2-f222eb834bbf}\Shell\AutoRun\command - "" = F:\MotoCastSetup.exe -a O33 - MountPoints2\{e2c5766c-f920-11e0-99a0-cc78f2d56bab}\Shell - "" = AutoRun O33 - MountPoints2\{e2c5766c-f920-11e0-99a0-cc78f2d56bab}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/10/30 23:02:20 | 000,000,000 | ---D | C] -- C:\Users\Schuylar\AppData\Roaming\Malwarebytes [2013/10/30 23:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/10/30 23:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/10/30 23:01:50 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/10/30 23:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/10/30 23:01:17 | 000,000,000 | ---D | C] -- C:\Users\Schuylar\AppData\Local\Programs [2013/10/30 22:32:20 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013/10/30 22:12:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner ========== Files - Modified Within 30 Days ========== [2013/11/03 00:08:05 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/11/02 23:51:19 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/11/02 23:49:46 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4074173974-1843628595-4201501626-1000Core.job [2013/11/02 23:42:08 | 142,121,016 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2013/11/02 23:41:11 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/11/02 23:40:31 | 000,122,541 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2013/11/02 23:37:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/11/02 23:34:57 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4074173974-1843628595-4201501626-1000UA.job [2013/10/30 23:02:50 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/10/30 23:02:50 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/10/30 23:01:53 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/10/30 22:54:19 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [2013/10/30 22:53:07 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys [2013/10/30 22:24:53 | 000,741,116 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/10/30 22:24:53 | 000,633,778 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/10/30 22:24:53 | 000,111,122 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/10/30 12:43:36 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/10/30 12:43:36 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/10/30 12:14:51 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk ========== Files Created - No Company Name ========== [2013/10/30 23:01:53 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/01/16 16:12:22 | 000,213,337 | ---- | C] () -- C:\Users\Schuylar\ENG_1010_SP13Syllabus.pdf [2011/02/11 00:33:17 | 000,497,853 | ---- | C] () -- C:\Users\Schuylar\prom dresses.png ========== ZeroAccess Check ========== [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >
  4. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16686 Run by Schuylar at 23:55:46 on 2013-11-02 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2032 [GMT -6:00] . AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG10\avgchsva.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files (x86)\AVG\AVG10\avgnsa.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\taskhost.exe C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe C:\Program Files\Realtek\RtVOsd\RtVOsd.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe C:\PROGRA~2\AVG\AVG10\avgrsa.exe C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\svchost.exe -k defragsvc C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\iTunes\iTunes.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoUpdateCheck.exe C:\Windows\SysWOW64\notepad.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned> dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned> mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden uRun: [Facebook Update] "C:\Users\Schuylar\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 StartupFolder: C:\Users\Schuylar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FROSTW~1.LNK - C:\Program Files (x86)\FrostWire 5\FrostWire.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.1.254 TCP: Interfaces\{DDD659A7-35E2-48EE-A982-A239D42653BA} : DHCPNameServer = 192.168.1.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2011-2-22 26704] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2011-3-16 37456] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-12 312160] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-3-1 41552] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2011-4-5 377936] R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-1-17 45856] R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/10/09 03:31:17];C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [2010-2-10 146928] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-10-9 98208] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520] R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-7-2 27192] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-10-9 13336] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568] R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-17 315392] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-5-29 2143072] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-9 2320920] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2011-5-27 118864] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2011-2-10 29264] R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-5-8 11856] R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408] S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [?] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-8-27 167264] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-10-9 225280] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-10-9 333928] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-3 1255736] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120] . =============== Created Last 30 ================ . 2013-10-31 05:02:20 -------- d-----w- C:\Users\Schuylar\AppData\Roaming\Malwarebytes 2013-10-31 05:01:52 -------- d-----w- C:\ProgramData\Malwarebytes 2013-10-31 05:01:50 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-10-31 05:01:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-31 05:01:17 -------- d-----w- C:\Users\Schuylar\AppData\Local\Programs 2013-10-31 04:32:20 -------- d-----w- C:\Windows\ERUNT 2013-10-31 04:12:11 -------- d-----w- C:\AdwCleaner . ==================== Find3M ==================== . 2013-10-30 18:43:36 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-30 18:43:36 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-09-07 01:54:23 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys 2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll 2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 23:57:00.95 ===============
  5. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/24/2010 7:40:06 PM System Uptime: 10/30/2013 10:52:42 PM (73 hours ago) . Motherboard: Hewlett-Packard | | 1439 Processor: Intel® Pentium® CPU P6100 @ 2.00GHz | CPU | 919/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 449 GiB total, 380.884 GiB free. D: is FIXED (NTFS) - 16 GiB total, 2.316 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP138: 8/12/2013 10:28:04 PM - Windows Modules Installer RP140: 8/13/2013 5:29:01 PM - Windows Modules Installer RP141: 9/6/2013 7:53:48 PM - Windows Update RP142: 9/17/2013 7:50:38 PM - Windows Update RP143: 9/20/2013 4:40:28 PM - Windows Update RP144: 9/20/2013 5:05:55 PM - Installed iTunes RP145: 9/20/2013 5:45:42 PM - Removed Apple Mobile Device Support RP146: 9/20/2013 5:47:26 PM - Removed iTunes RP147: 9/20/2013 5:50:43 PM - Removed Apple Mobile Device Support RP148: 9/20/2013 6:08:01 PM - Installed iTunes . ==== Installed Programs ====================== . Acrobat.com ActiveCheck component for HP Active Support Library Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader 9.4.1 MUI Adobe Shockwave Player 11.5 Apple Application Support Apple Mobile Device Support Apple Software Update AVG 2011 Bejeweled 2 Deluxe Bing Bar Bing Rewards Client Installer Blackhawk Striker 2 Bonjour Broadcom 802.11 Wireless LAN Adapter Build-a-lot 2 Chuzzle Deluxe CinemaNow Media Manager CyberLink DVD Suite CyberLink MediaShow CyberLink PowerDVD 9 CyberLink YouCam Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Diner Dash 2 Restaurant Rescue Dora's Carnival Adventure Energy Star Digital Logo Escape Rosecliff Island ESU for Microsoft Windows 7 Facebook Video Calling 1.2.0.287 FATE Final Drive Nitro FrostWire 4.21.3 FrostWire 5.3.8 Google Chrome Google Toolbar for Internet Explorer Google Update Helper Heroes of Hellas 2 - Olympia HP Advisor HP Customer Experience Enhancements HP Documentation HP Games HP MediaSmart CinemaNow 2.0 HP Photo Creations HP Power Manager HP Quick Launch HP Setup HP Software Framework HP Support Assistant HP Wireless Assistant HPAsset component for HP Active Support Library Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Intel® Rapid Storage Technology iTunes Java Auto Updater Java 6 Update 20 Java 6 Update 20 (64-bit) Jewel Quest 3 Jewel Quest Solitaire 2 Junk Mail filter update LabelPrint LightScribe System Software Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft WSE 3.0 Runtime MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Norton Online Backup Penguins! PhotoNow! Plants vs. Zombies Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector QuickBooks Simple Start Edition QuickTime Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Recovery Manager Roxio CinemaNow 2.0 RtVOsd Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft Excel 2010 (KB2760597) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760769) 32-Bit Edition Skype Click to Call Skypeâ„¢ 6.6 Synaptics Pointing Device Driver TotalRecipeSearch TuneUp Utilities 2012 TuneUp Utilities Language Pack (en-US) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update Installer for WildTangent Games App Virtual Families Virtual Villagers - The Secret City Visual Studio 2008 x64 Redistributables Wheel of Fortune 2 WildTangent Games App (HP Games) Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 10/30/2013 11:57:19 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user Schuylar-HP\Schuylar SID (S-1-5-21-4074173974-1843628595-4201501626-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 10/30/2013 10:54:01 PM, Error: Service Control Manager [7000] - The vToolbarUpdater15.5.0 service failed to start due to the following error: The system cannot find the file specified. . ==== End Of File ===========================
  6. Results of screen317's Security Check version 0.99.76 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG Anti-Virus Free Edition 2011 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 TuneUp Utilities 2012 TuneUp Utilities Language Pack (en-US) Java 6 Update 20 Java version out of Date! Adobe Reader 9 Adobe Reader out of Date! Google Chrome 29.0.1547.76 Google Chrome 30.0.1599.101 ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe AVG avgtray.exe Symantec Norton Online Backup NOBuAgent.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 7% ````````````````````End of Log``````````````````````
  7. Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.10.30.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 Schuylar :: SCHUYLAR-HP [administrator] 10/30/2013 11:03:51 PM mbam-log-2013-10-30 (23-03-51).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 205664 Time elapsed: 12 minute(s), 24 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 5 HKCR\CLSID\{df22384f-cf68-4d19-969f-10423715528b} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF22384F-CF68-4D19-969F-10423715528B} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF22384F-CF68-4D19-969F-10423715528B} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB56DFDE-0C14-45B3-9DF6-7B0EBA617870} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB56DFDE-0C14-45B3-9DF6-7B0EBA617870} (PUP.Optional.MindSpark) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Users\Schuylar\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.3.8.windows.exe (PUP.Optional.OpenCandy) -> No action taken. (end)
  8. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.7 (10.15.2013:3) OS: Windows 7 Home Premium x64 Ran by Schuylar on Wed 10/30/2013 at 22:32:25.74 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{03F3147C-CEA6-4AAE-B0AE-8D8ABE7A8080} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2502086B-5A46-4D05-8D5B-A1E77AB8BB32} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{396A4E14-83E7-4941-B0D9-B598E1B97197} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{76F3207C-3A0A-461B-B958-5653C5718243} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{895F3DBD-2484-4A14-A0EA-C3252EBB0FF7} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8C4B563E-52A1-4A10-B700-F8BF1CD7B726} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{96B8A0EF-0D9D-4A92-B548-376DB4BBB58B} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9E5C950C-93F2-46B4-A47E-8450FFF4D841} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A0154E07-2B48-475C-A82A-80EFD84EA33E} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A4503EC3-1111-4B62-8F46-0D88508F8A7B} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A9C524BF-4044-402A-AA00-8C3B3DA86125} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{AB56DFDE-0C14-45B3-9DF6-7B0EBA617870} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B38FBAED-DED1-4BA6-BA2E-F2515FD49442} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B5EDE79D-B004-47DD-93F9-152B0D145914} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D0690E53-168C-4632-99B2-5700228F760F} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\totalrecipesearch_14 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B9D086B0-40FA-4739-809D-62D49BFDFFDC} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B9D086B0-40FA-4739-809D-62D49BFDFFDC} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB56DFDE-0C14-45B3-9DF6-7B0EBA617870} Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}" ~~~ Files Successfully deleted: [File] C:\Windows\syswow64\shoBD05.tmp Successfully deleted: [File] C:\Windows\syswow64\shoBFB1.tmp Successfully deleted: [File] C:\Windows\syswow64\shoC235.tmp Successfully deleted: [File] C:\Windows\syswow64\shoD3E4.tmp Successfully deleted: [File] C:\Windows\syswow64\shoE639.tmp ~~~ Folders Successfully deleted: [Folder] "C:\Users\Schuylar\appdata\locallow\totalrecipesearch_14" Successfully deleted: [Folder] "C:\Program Files (x86)\totalrecipesearch_14" ~~~ Chrome Successfully deleted: [Folder] C:\Users\Schuylar\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 10/30/2013 at 22:48:55.92 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  9. # AdwCleaner v3.010 - Report created 30/10/2013 at 22:15:33 # Updated 20/10/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Schuylar - SCHUYLAR-HP # Running from : C:\Users\Schuylar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CSTAOXAS\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\ProgramData\AVG Security Toolbar Folder Deleted : C:\Program Files (x86)\Ask.com Folder Deleted : C:\Program Files (x86)\AVG Secure Search Folder Deleted : C:\Program Files (x86)\TotalRecipeSearch_14EI Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe} Folder Deleted : C:\Users\Schuylar\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Schuylar\AppData\Local\Temp\AskSearch Folder Deleted : C:\Users\Schuylar\AppData\LocalLow\AskToolbar Folder Deleted : C:\Users\Schuylar\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Schuylar\AppData\LocalLow\AVG Security Toolbar Folder Deleted : C:\Users\Schuylar\AppData\LocalLow\TotalRecipeSearch_14EI Folder Deleted : C:\Users\Schuylar\AppData\Roaming\iWin Folder Deleted : C:\Users\Schuylar\AppData\Roaming\OpenCandy Folder Deleted : C:\Users\Schuylar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Deleted : C:\Users\Schuylar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof File Deleted : C:\Users\Public\Desktop\eBay.lnk File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1 Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [TotalRecipeSearch_14 Browser Plugin Loader] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Ask.com Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\AVG Security Toolbar Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\TotalRecipeSearch_14EI Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Deleted : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16686 -\\ Google Chrome v30.0.1599.101 [ File : C:\Users\Schuylar\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [13142 octets] - [30/10/2013 22:12:29] AdwCleaner[s0].txt - [12876 octets] - [30/10/2013 22:15:33] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [12937 octets] ##########
  10. My computer is really super slow and I would like to make it faster! There is a lot of stuff on here that I don't need also.