Tags:Hewlett-packard Pavilion dv5-1235dx note...
April 19, 2010 at 09:57:55
Specs: Windows Vista, intel pGB
I've been having problem with my search engines on Yahoo. Whenever I click on a search result, it redirects me to "www.", then refreshed to a non-relevant advertising
webpage in which I did not intend to click on. I have tried Windows Live Onecare, AVG anti-virus, and ad-aware and none of which was able to identify the malware and remove it. It seems as if this problem only occurs when I use Yahoo search engine. Please help!!See More:
April 19, 2010 at 19:28:59
Download DDS and save it to your desktop. Disable any script blocker if your Anti-Virus/Anti-Malware has it.Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.Then double click dds.scr to run the tool.When done, the DDS.txt will open.Click Yes at the next prompt for Optional Scan.When done, DDS will open two (2) logs:1. DDS.txt2. Attach.txt (do not zip just copy/paste) Save both reports to your desktop then post them please.You may need to post in segments to get all the info to us as the logs may be to large to fit in one post.Download TDSSKiller to your Desktop from the following link. 1. Extract the contents of TDSSKiller.zip to your Desktop.2. Double click on TDSSKiller.exe to run it.3. If it finds something and asks you what to do, follow the instructions to type in "delete".4. When done, a log file should be created on your C: drive called TDSSKiller.txt(with time+date appended) please post this log in your next reply. Please download Malwarebytes' Anti-Malware from one of these sites: Rename the setup file, mbam-setup.exe,
before you download it. To do that once the "enter name of file to save to" box appears as the download begins in the filename box rename mbam-setup.exe to tool.exe> click save.1. Double Click tool.exe to install the application.2. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.3. If an update is found, it will download and install the latest version.4. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient.5. When the scan is complete, click OK, then Show Results to view the results.6. Make sure that everything found is checked, and click Remove Selected.7. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.8. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.9. Copy&Paste the entire report in your next reply.
April 19, 2010 at 21:24:23
DDS (Ver_10-03-17.01) - NTFSX64
Run by Garris at 21:14:59.86 on Mon 04/19/2010Internet Explorer: 7.0. BrowserJavaVersion: 1.6.0_18Microsoft(R) Windows Vista(TM) Home Premium
6.0.2.1.6.1520 [GMT -7:00]AV: Windows Live OneCare *On-access scanning enabled* (Updated)
{427ADFC3-B354-4A51-BE34-A9D}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: Windows Live OneCare *enabled* (Updated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B}FW: Windows Live OneCare Firewall *enabled*
{A3899D22-27E6-4A7E-AE4E-2C106646DAAB}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Program Files (x86)\AVG\AVG9\avgchsva.exeC:\Program Files (x86)\AVG\AVG9\avgrsa.exeC:\Program Files (x86)\AVG\AVG9\avgcsrva.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exeC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\Hpservice.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\AESTSr64.exeC:\Windows\system32\agr64svc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files (x86)\AVG\AVG9\avgwdsvc.exeC:\Program Files (x86)\AVG\AVG9\avgfws9.exeC:\Program Files (x86)\AVG\AVG9\avgam.exeC:\Program Files (x86)\AVG\AVG9\avgnsa.exeC:\Windows\system32\svchost.exe -k bthsvcsC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exeC:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Windows\system32\lxdncoms.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Microsoft Windows OneCare Live\OcHealthMon.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exeC:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exeC:\Windows\SMINST\BLService.exeC:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Viewpoint\Common\ViewpointService.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\WUDFHost.exeC:\Program Files (x86)\Microsoft Windows OneCare Live\Firewall\msfwsvc.exeC:\Program Files (x86)\Microsoft Windows OneCare Live\winss.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\AVG\AVG9\avgcsrva.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exeC:\Windows\WindowsMobile\wmdc.exeC:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exeC:\Windows\ehome\ehtray.exeC:\Users\Garris\AppData\Local\Google\Update\GoogleUpdate.exeC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Program Files (x86)\AIM\aim.exeC:\Program Files (x86)\ooVoo\ooVoo.exeC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeC:\Windows\System32\vds.exeC:\Windows\system32\igfxsrvc.exeC:\Windows\ehome\ehmsas.exeC:\Program Files (x86)\Lexmark 2600 Series\lxdnMsdMon.exeC:\Windows\system32\svchost.exe -k WindowsMobileC:\Program Files (x86)\HP\QuickPlay\QPService.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exeC:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exeC:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Microsoft Windows OneCare Live\winssnotify.exeC:\Program Files (x86)\AVG\AVG9\avgtray.exeC:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exeC:\Windows\System32\mobsync.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXEC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exeC:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exeC:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeC:\Program Files (x86)\Skype\Plugin Manager\skypePM.exeC:\Program Files (x86)\Microsoft Windows OneCare Live\WinSSNotifyE.exeC:\Windows\splwow64.exeC:\Users\Garris\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Garris\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Garris\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Users\Garris\Desktop\dds.scrC:\Windows\system32\wbem\wmiprvse.exe============== Pseudo HJT Report ===============uStart Page = hxxp://ie./svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnbuDefault_Page_URL = hxxp://ie./svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnbmStart Page = hxxp://ie./svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnbmDefault_Page_URL = hxxp://ie./svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnbuURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-c} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dlluURLSearchHooks: H - No FileuURLSearchHooks: H - No FilemURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files (x86)\aim toolbar\aimtb.dllmWinlogon: Userinit=userinit.exeBHO: {F9-4efb-9B51-7695ECA05670} - No FileBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dllBHO: {5C255C8A-E604-49b4-9D64-CECB} - No FileBHO: Windows Live Sign-in Helper: {c02-4abf-8ecc-c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-c} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dllBHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files (x86)\aim toolbar\aimtb.dllBHO: Java(tm) Plug-In 2 SSV Helper: {dbc85b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dllBHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dllTB: AVG Security Toolbar: {ccc7a320-b3ca--9f516dd69829} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dllTB: AIM Toolbar: {61539ecd-cc67-aaccbd14326} - c:\program files (x86)\aim toolbar\aimtb.dlluRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRunuRun: [LightScribe Control Panel] c:\program files (x86)\common files\lightscribe\LightScribeControlPanel.exe -hiddenuRun: [ehTray.exe] c:\windows\ehome\ehTray.exeuRun: [Google Update] "c:\users\garris\appdata\local\google\update\GoogleUpdate.exe" /cuRun: [MsnMsgr] "c:\program files (x86)\windows live\messenger\MsnMsgr.Exe" /backgrounduRun: [Aim] "c:\program files (x86)\aim\aim.exe" /d locale=en-USuRun: [ooVoo.exe] c:\program files (x86)\oovoo\ooVoo.exe /minimizeduRun: [Pando Media Booster] c:\program files (x86)\pando networks\media booster\PMB.exeuRun: [Skype] "c:\program files (x86)\skype\phone\Skype.exe" /nosplash /minimizedmRun: [QPService] "c:\program files (x86)\hp\quickplay\QPService.exe"mRun: [QlbCtrl.exe] "c:\program files (x86)\hewlett-packard\hp quick launch buttons\QlbCtrl.exe" /StartmRun: [hpqSRMon] c:\program files (x86)\hp\digital imaging\bin\hpqSRMon.exemRun: [HP Software Update] c:\program files (x86)\hp\hp software update\HPWuSchd2.exemRun: [hpWirelessAssistant] c:\program files (x86)\hewlett-packard\hp wireless assistant\HPWAMain.exemRun: [HP Health Check Scheduler] c:\program files (x86)\hewlett-packard\hp health check\HPHC_Scheduler.exemRun: [UCam_Menu] "c:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"mRun: [OneCareUI] "c:\program files (x86)\microsoft windows onecare live\winssnotify.exe"mRun: [AVG9_TRAY] c:\progra~2\avg\avg9\avgtray.exemRun: [SunJavaUpdateSched] "c:\program files (x86)\java\jre1.6.0_07\bin\jusched.exe"mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 8.0\reader\Reader_sl.exe"StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files (x86)\common files\adobe\calibration\Adobe Gamma Loader.exeStartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exeStartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exemPolicies-explorer: NoActiveDesktop = 1 (0x1)mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office11\EXCEL.EXE/3000IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htmIE: {CCA281CA-C863-46ef-D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htmIE: {50-4f3c-EE0C6C49} - {48E73304-E1D6-C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dllIE: {2EAF5BB1-070F-11D3-FAE2D4F} - {2EAF5BB0-070F-11D3-FAE2D4F} - c:\windows\windowsmobile\INetRepl.dllIE: {2EAF5BB2-070F-11D3-FAE2D4F} - {2EAF5BB0-070F-11D3-FAE2D4F} - c:\windows\windowsmobile\INetRepl.dllIE: {CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLLIE: {DDE-48c4-B1AA84522} - {DDE-48c4-B1AA84522} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dllDPF: {8AD9C840-044E-11D1-B3E9-} - hxxp:///update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {CAFEEFAC-05-ABCDEFFEDCBA} - hxxp:///update/1.6.0/jinstall-1_6_0_05-windows-i586.cabDPF: {CAFEEFAC-07-ABCDEFFEDCBA} - hxxp:///update/1.6.0/jinstall-1_6_0_07-windows-i586.cabDPF: {CAFEEFAC-18-ABCDEFFEDCBA} - hxxp:///update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp:///update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {E2F-4FB0-9522-AC9BF37916A7} - hxxp:///NOS/getPlusPlus/1.6/gp.cabHandler: linkscanner - {FF8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg9\avgpp.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLLmASetup: {10880D85-AAD9-4558-ABDC-2ABF} - "c:\program files (x86)\common files\lightscribe\LSRunOnce.exe"BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dllBHO-X64:
IESiteBlocker.NavFilter - No FileTB-X64: {CCC7A320-B3CA--9F516DD69829} - No FileTB-X64: AIM Toolbar: {61539ECD-CC67-4437-A03C-9AACCBD14326} - mRun-x64: [IgfxTray] c:\windows\system32\igfxtray.exemRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun-x64: [Persistence] c:\windows\system32\igfxpers.exemRun-x64: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun-x64: [IAAnotif] "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hidemRun-x64: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exemRun-x64: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exemRun-x64: [lxdnmon.exe] "c:\program files (x86)\lexmark 2600 series\lxdnmon.exe"mRun-x64: [lxdnamon] "c:\program files (x86)\lexmark 2600 series\lxdnamon.exe"mRun-x64: [SysTrayApp] c:\program files\idt\wdm\sttray64.exeIE-X64: {CCA281CA-C863-46ef-D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htmAppInit_DLLs-X64: avgrssta.dll================= FIREFOX ===================FF - ProfilePath - c:\users\garris\appdata\roaming\mozilla\firefox\profiles\xkcp15ex.default\FF - prefs.js: browser.search.defaulturl - hxxp://aim./aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-usFF - prefs.js: keyword.URL - hxxp://us.yhs./avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=FF - prefs.js: network.proxy.http - 208.74.174.142FF - prefs.js: network.proxy.http_port - 3128FF - prefs.js: network.proxy.type - 1FF - component: c:\program files (x86)\avg\avg9\firefox\components\avgssff.dllFF - component: c:\program files (x86)\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dllFF - component: c:\program files (x86)\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dllFF - component: c:\program files (x86)\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dllFF - component: c:\program files (x86)\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dllFF - component: c:\program files (x86)\mozilla firefox\extensions\{ab2ce124--94a9-bd1}\components\SkypeFfComponent.dllFF - plugin: c:\program files (x86)\mozilla firefox\plugins\npbittorrent.dllFF - plugin: c:\program files (x86)\mozilla firefox\plugins\npdnu.dllFF - plugin: c:\program files (x86)\mozilla firefox\plugins\npdnupdater2.dllFF - plugin: c:\program files (x86)\mozilla firefox\plugins\npPandoWebInst.dllFF - plugin: c:\program files (x86)\mozilla firefox\plugins\NPTURNMED.dllFF - plugin: c:\program files (x86)\viewpoint\viewpoint media player\npViewpoint.dllFF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dllFF - plugin: c:\program files\real\realplayer\netscape6\nppl3260.dllFF - plugin: c:\program files\real\realplayer\netscape6\nprjplug.dllFF - plugin: c:\program files\real\realplayer\netscape6\nprpjplug.dllFF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dllFF - plugin: c:\users\garris\appdata\local\google\update\1.2.183.23\npGoogleOneClick8.dllFF - plugin: c:\users\garris\appdata\roaming\move networks\plugins\npqmp.dllFF - plugin: c:\users\garris\appdata\roaming\mozilla\plugins\npgoogletalk.dllFF - plugin: c:\users\garris\program files (x86)\dna\plugins\npbtdna.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a8ed-80e3-b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-07-ABCDEFFEDCBA}FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-18-ABCDEFFEDCBA}---- FIREFOX POLICIES ----FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, falsec:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",
1600);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",
false);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",
2);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",
1);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",
25);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",
5);c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",
false);c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "");c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08--fd}.name", "chrome://browser/locale/browser.properties");c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08--fd}.description", "chrome://browser/locale/browser.properties");c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "");c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);============= SERVICES / DRIVERS ===============R0 AVGIDSErHAVG9IDSErHr;c:\windows\system32\drivers\AVGIDSva.sys [ 27144]R0 AvgRkx64;avgrkx64.c:\windows\system32\drivers\avgrkx64.sys [ 56008]R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [ 52856]R1 AAVG network filter c:\windows\system32\drivers\avgfwd6a.sys [ 29976]R1 AvgLdx64;AVG AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [ 269320]R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [ 35464]R1 AvgTdiA;AVG Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [ 316936]R2 AESTFAndrea ST Filters Sc:\windows\system32\driverstore\filerepository\stwrt64.inf_58be29c0\AESTSr64.exe [ 89600]R2 avg9AVG WatchDc:\program files (x86)\avg\avg9\avgwdsvc.exe [ 308064]R2 avgfws9;AVG Fc:\program files (x86)\avg\avg9\avgfws9.exe [ 2325816]R2Circuit City Firedog Advisor ProcessTriggerDc:\windows\system32\drivers\faproc64.sys [ 6656]R2UniDriver for Firedog Ac:\windows\system32\drivers\faunid64.sys [ 7680]R2HP Sc:\windows\system32\hpservice.exe [ 23040]R2 lxdn_lxdn_c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]R2 OcHealthMWindows Live OneCare Health Mc:\program files (x86)\microsoft windows onecare live\OcHealthMon.exe [ 26120]R2 Recovery Service for WRecovery Service for Wc:\windows\sminst\BLService.exe [ 341328]R2 Viewpoint Manager SViewpoint Manager Sc:\program files (x86)\viewpoint\common\ViewpointService.exe [ 24652]R3 AVGIDSDAVG9IDSDc:\program files (x86)\avg\avg9\identity protection\agent\driver\platform_vista64\AVGIDSDriver.sys [ 132616]R3 AVGIDSFAVG9IDSFc:\program files (x86)\avg\avg9\identity protection\agent\driver\platform_vista64\AVGIDSFilter.sys [ 35848]R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [ 193840]R3ENE CIR Rc:\windows\system32\drivers\enecir.sys [ 60928]R3 IntcHdmiAddSIntel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [ 129536]R3 MpFMicrosoft Malware Protection Dc:\windows\system32\drivers\MpFilter.sys [ 67120]R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ;c:\windows\system32\drivers\NETw5v64.sys [ 4730368]S2 AVGIDSAAVG9IDSAc:\program files (x86)\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [ 5888008]S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [ 89920]S3 FontCWindows Font Cache Sc:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [ 27648]S3 PerfHPerformance Counter DLL Hc:\windows\syswow64\perfhost.exe [ 19968]S3 USBAAPL64;Apple Mobile USB Dc:\windows\system32\drivers\usbaapl64.sys [ 48640]=============== Created Last 30 ================ 01:09:00 0 d-----w- c:\users\garris\StarCraft II Beta enUS 13891 Installer 00:50:48 65536 --sha-w- c:\users\garris\ntuser.dat{d4d91a5d-4c12-11df-add4-c3}.TM.blf 00:50:48 524288 --sha-w- c:\users\garris\ntuser.dat{d4d91a5d-4c12-11df-add4-c3}.TMContainer.regtrans-ms 00:50:48 524288 --sha-w- c:\users\garris\ntuser.dat{d4d91a5d-4c12-11df-add4-c3}.TMContainer.regtrans-ms 16:17:16 0 dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} 16:16:43 0 d-----w- c:\program files (x86)\Lavasoft 15:26:12 0 d-----w- c:\program files (x86)\UnHackMe 12:26:56 0 d-----w- c:\programdata\DivX 07:42:15 0 d-----w- c:\programdata\Blizzard Entertainment 07:42:15 0 d-----w- c:\program files (x86)\StarCraft II Beta 07:42:15 0 d-----w- c:\program files (x86)\common files\Blizzard Entertainment 07:39:51 0 d-----w- c:\programdata\Blizzard 08:05:59 0 d-----w- c:\programdata\AIM Toolbar 08:05:59 0 d-----w- c:\program files (x86)\AIM Toolbar 08:05:54 0 d-----w- c:\program files (x86)\common files\Software Update Utility 08:37:24 0 d-----w- c:\programdata\Nexon==================== Find3M
==================== 08:11:47 7460 ----a-w- c:\windows\bthservsdp.dat 22:19:09 51200 ----a-w- c:\windows\inf\infpub.dat 22:19:09 143360 ----a-w- c:\windows\inf\infstrng.dat 22:19:04 86016 ----a-w- c:\windows\inf\infstor.dat 16:50:32 86528 ----a-w- c:\windows\system32\ieencode.dll 16:25:21 78336 ----a-w- c:\windows\syswow64\ieencode.dll 16:07:05 1032192 ----a-w- c:\windows\system32\wininet.dll 15:42:17 834048 ----a-w- c:\windows\syswow64\wininet.dll 15:42:08 1176064 ----a-w- c:\windows\syswow64\urlmon.dll 15:40:29 477184 ----a-w- c:\windows\syswow64\mshtmled.dll 15:40:29 3601920 ----a-w- c:\windows\syswow64\mshtml.dll 15:39:49 6080000 ----a-w- c:\windows\syswow64\ieframe.dll 15:39:49 193024 ----a-w- c:\windows\syswow64\iepeers.dll 15:39:49 180736 ----a-w- c:\windows\syswow64\ieui.dll 15:39:47 380928 ----a-w- c:\windows\syswow64\ieapfltr.dll 16:13:22 316936 ----a-w- c:\windows\system32\drivers\avgtdia.sys 16:13:12 12976 ----a-w- c:\windows\system32\avgrssta.dll 16:13:11 35464 ----a-w- c:\windows\system32\drivers\avgmfx64.sys 16:12:41 27144 ----a-w- c:\windows\system32\drivers\AVGIDSva.sys 16:12:26 269320 ----a-w- c:\windows\system32\drivers\avgldx64.sys 16:12:10 56008 ----a-w- c:\windows\system32\drivers\avgrkx64.sys 23:15:56 32768 ----a-w- c:\windows\system32\nshhttp.dll 23:14:20 33792 ----a-w- c:\windows\system32\httpapi.dll 23:06:41 24064 ----a-w- c:\windows\syswow64\nshhttp.dll 23:05:14 30720 ----a-w- c:\windows\syswow64\httpapi.dll 21:30:08 620032 ----a-w- c:\windows\system32\drivers\http.sys 06:53:19 411368 ----a-w- c:\windows\syswow64\deploytk.dll 06:53:19 153376 ----a-w- c:\windows\syswow64\javaws.exe 06:53:19 145184 ----a-w- c:\windows\syswow64\javaw.exe 06:53:19 145184 ----a-w- c:\windows\syswow64\java.exe 12:10:22 538624 ----a-w- c:\windows\system32\secproc_isv.dll 12:10:22 160768 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 12:10:22 160768 ----a-w- c:\windows\system32\secproc_ssp.dll 12:10:03 539136 ----a-w- c:\windows\system32\secproc.dll 12:08:59 460288 ----a-w- c:\windows\system32\msdrm.dll 12:00:35 471552 ----a-w- c:\windows\syswow64\secproc_isv.dll 12:00:35 152576 ----a-w- c:\windows\syswow64\secproc_ssp_isv.dll 12:00:35 152064 ----a-w- c:\windows\syswow64\secproc_ssp.dll 12:00:22 471552 ----a-w- c:\windows\syswow64\secproc.dll 11:58:52 332288 ----a-w- c:\windows\syswow64\msdrm.dll 08:29:35 413696 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 08:29:31 600576 ----a-w- c:\windows\system32\RMActivate_isv.exe 08:29:31 409600 ----a-w- c:\windows\system32\RMActivate_ssp.exe 08:29:28 599552 ----a-w- c:\windows\system32\RMActivate.exe 08:21:20 526336 ----a-w- c:\windows\syswow64\RMActivate_isv.exe 08:21:20 346624 ----a-w- c:\windows\syswow64\RMActivate_ssp_isv.exe 08:21:18 518144 ----a-w- c:\windows\syswow64\RMActivate.exe 08:21:18 347136 ----a-w- c:\windows\syswow64\RMActivate_ssp.exe 09:44:17 2048 ----a-w- c:\windows\system32\tzres.dll 09:26:13 2048 ----a-w- c:\windows\syswow64\tzres.dll 11:19:44 665600 ----a-w- c:\windows\inf\drvindex.dat 03:21:59 174 --sha-w- c:\program files\desktop.ini 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 05:53:05 8192 --sha-w- c:\windows\users\default\NTUSER.DAT============= FINISH: 21:16:23.60 ===============
April 19, 2010 at 21:24:45
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH ITDDS (Ver_10-03-17.01)Microsoft(R) Windows Vista(TM) Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 7/18/:39 PMSystem Uptime: 4/19/:28 PM (4 hours ago)Motherboard: Quanta |
| 3602Processor: Intel(R) Core(TM)2 Duo CPU
@ 2.00GHz | CPU | mhz==== Disk Partitions =========================C: is FIXED (NTFS) - 222 GiB total, 52.093 GiB free.D: is FIXED (NTFS) - 11 GiB total, 1.858 GiB free.E: is CDROM ()F: is Removable==== Disabled Device Manager Items =============Class GUID: {4d36e972-e325-11ce-bfc1-0}Description: Microsoft 6to4 AdapterDevice ID: ROOT\*6TO4MP\0003Manufacturer: MicrosoftName: Microsoft 6to4 Adapter #2PNP Device ID: ROOT\*6TO4MP\0003Service: tunnelClass GUID: {4d36e972-e325-11ce-bfc1-0}Description: Microsoft 6to4 AdapterDevice ID: ROOT\*6TO4MP\0004Manufacturer: MicrosoftName: Microsoft 6to4 Adapter #3PNP Device ID: ROOT\*6TO4MP\0004Service: tunnelClass GUID: {4d36e972-e325-11ce-bfc1-0}Description: Microsoft ISATAP AdapterDevice ID: ROOT\*ISATAP\0008Manufacturer: MicrosoftName: Microsoft ISATAP Adapter #4PNP Device ID: ROOT\*ISATAP\0008Service: tunnelClass GUID: Description: Bluetooth Peripheral DeviceDevice ID: BTHENUM\{426C--}_LOCALMFG&000F\7&2E015ABA&0&002557A4AD99_CManufacturer: Name: Bluetooth Peripheral DevicePNP Device ID: BTHENUM\{426C--}_LOCALMFG&000F\7&2E015ABA&0&002557A4AD99_CService: Class GUID: Description: Bluetooth Peripheral DeviceDevice ID: BTHENUM\{426C--}_LOCALMFG&000F\7&2E015ABA&0&002557A4AD99_CManufacturer: Name: Bluetooth Peripheral DevicePNP Device ID: BTHENUM\{426C--}_LOCALMFG&000F\7&2E015ABA&0&002557A4AD99_CService: ==== System Restore Points ===================RP686: 4/13/:31 AM - Scheduled CheckpointRP687: 4/14/:33 AM - Scheduled CheckpointRP688: 4/15/:15 AM - Scheduled CheckpointRP689: 4/16/:55 AM - Scheduled CheckpointRP690: 4/17/:28 AM - Windows UpdateRP691: 4/18/:48 AM - Scheduled CheckpointRP692: 4/19/:32 AM - Scheduled CheckpointRP693: 4/19/:29 AM - RegRun Virus ScanRP694: 4/19/:18 AM - RegRun Virus ScanRP695: 4/19/:05 AM - RegRun Virus ScanRP696: 4/19/:08 PM - Restore Operation==== Installed Programs ======================ABBYY FineReader 6.0 SprintAC3Filter (remove only)Activation Assistant for the 2007 Microsoft Office suitesAdobe Flash Player 10 ActiveXAdobe Flash Player 10 PluginAdobe Photoshop 7.0Adobe Reader 8.1.4Adobe Shockwave Player 11.5AIM 7AIM ToolbarAIO_ScanApple Software UpdateAudacity 1.2.6AutoUpdateAVG 9.0BitTorrentBlackBerry Desktop Software 4.7BufferChmC4200c4200_HelpCards_Calendar_OrderGift_DoMorePlugoutCombat ArmsCompatibility Pack for the 2007 Office systemCopyCustomerResearchQFolderCyberLink DVD SuiteCyberLink YouCamDestinationsDeviceManagementQFolderDivX CodecDivX ConverterDivX PlayerDNADocProcDocProcQFolderDownload Updater (AOL LLC)Easy MP3 Cutter 2.9eSupportQFolderfiredog advisorFull Tilt PokerGarenaGoogle ChromeGoogle Talk PluginGTOneCareHewlett-Packard Active Check for Health CheckHewlett-Packard Asset Agent for Health CheckHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)HP Active Support LibraryHP Customer Experience EnhancementsHP Doc ViewerHP Help and SupportHP MULTIPLE MODEM INSTALLER for VISTAHP Photosmart EssentialHP Photosmart Essential 2.5HP Quick Launch Buttons 6.40 D1HP QuickPlay 3.7HP Smart Web PrintingHP Total Care AdvisorHP UpdateHP User Guides 0102HP Wireless AssistantHPPhotoSmartDiscLabel_PaperLabelHPPhotoSmartDiscLabel_PrintOnDiscHPPhotoSmartDiscLabel_TattooHPPhotoSmartDiscLabelContent1hpphotosmartdisclabelpluginHPPhotoSmartPhotobookHolidayPack1HPPhotoSmartPhotobookModernPack1HPPhotoSmartPhotobookPlayfulPack1HPPhotoSmartPhotobookScrapbookPack1HPPhotoSmartPhotobookWebPack1HPProductAssistantHPSSupplyHPTCSSetupIDT AudioImgBurnJava Auto UpdaterJava(TM) 6 Update 18Java(TM) 6 Update 5Java(TM) 6 Update 7Junk Mail filter updateLabelPrintLightScribe System Software
1.12.33.2LimeWire 5.4.6MapleStoryMarketResearchMicrosoft Choice GuardMicrosoft Office 2007 Service Pack 2 (SP2)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Excel MUI (English) 2007Microsoft Office Home and Student 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Professional 2007Microsoft Office Professional 2007 TrialMicrosoft Office Professional Edition 2003Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft VC9 runtime librariesMicrosoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.Microsoft Visual C++ 2005 RedistributableMicrosoft Windows OneCare Live v2.5.2900.24 Idcrl InstallMicrosoft WorksMove Media PlayerMozilla Firefox (3.6.2)MSVCRTMSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB941833)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)muvee autoProducer 6.1My HP GamesooVooOpenOffice.org Installer 1.0Pando Media BoosterPower2GoPowerDirectorPS_AIO_ProductContextPS_AIO_SoftwarePS_AIO_Software_minPSSWCOREPX EngineQuickPlay SlingPlayer 0.4.6QuickTimeRealPlayerRealtek 01E 8102E Ethernet DriverRealtek USB 2.0 Card ReaderScanSecurity Update for 2007 Microsoft Office System (KB969559)Security Update for 2007 Microsoft Office System (KB978380)Security Update for Microsoft Office Excel 2007 (KB978382)Security Update for Microsoft Office Outlook 2007 (KB972363)Security Update for Microsoft Office PowerPoint 2007 (KB957789)Security Update for Microsoft Office Publisher 2007 (KB969693)Security Update for Microsoft Office system )Security Update for Microsoft Office system 2007 (KB974234)Security Update for Microsoft Office Visio Viewer 2007 (KB973709)Serif WebPlus 10Serif WebPlus 10 ResourcesSkype ToolbarsSkype(TM) 4.2SlingPlayerSolutionCenterSpelling Dictionaries Support For Adobe Reader 8StatusTBS WMP Plug-inToolboxTrayAppUnloadSupportUpdate for 2007 Microsoft Office System (KB967642)Update for 2007 Microsoft Office System (KB977724)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office InfoPath 2007 (KB976416)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 (KB974631)Update for Microsoft Office Word 2007 Help (KB963665)Update for Outlook 2007 Junk Email Filter (kb979895)Ventrilo ClientVerizon High Speed InternetVideoToolkit01Viewpoint Media PlayerVisual C++ 8.0 Runtime Setup Package (x64)VobSub v2.23 (Remove Only)Warcraft IIIWarcraft III: All ProductsWebRegWindows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live MailWindows Live MessengerWindows Live Movie MakerWindows Live OneCareWindows Live Photo GalleryWindows Live Sign-in AssistantWindows Live SyncWindows Live Upload ToolWindows Media Player Firefox PluginWinRAR archiver==== End Of File ===========================
Related Solutions&
April 19, 2010 at 21:26:13
I am not able to run tdsskiller. It says that the program does not support 64-bit OS. I currently run a vista 64-bit.
April 19, 2010 at 21:29:48
Malwarebytes' Anti-Malware 1.45www.malwarebytes.orgDatabase version: 4011Windows 6.0.6002 Service Pack 2Internet Explorer 7.0.4/19/:27 PMmbam-log- (21-29-27).txtScan type: Quick scanObjects scanned: 141747Time elapsed: 6 minute(s), 19 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)
April 20, 2010 at 16:11:47
Go to the following link, download and run Hitman Pro 30 day free trial for 64 bit systems.
April 20, 2010 at 18:58:40
hitman pro shows that i have no infected programs.
April 20, 2010 at 19:42:23
Download Gmer for windows 7 from the following site and see if it will run on your 64 bit system. Copy/paste this link into your browser./win7-gmer/cuavzuut.html
April 20, 2010 at 20:12:40
We need to see the results of the scan.
April 20, 2010 at 20:13:40
We need to see the results of the Gmer scan.Thanks
April 20, 2010 at 21:16:29
GMER 1.0.15.15281 - Rootkit scan
21:15:06Windows 6.0.6002 Service Pack 2Running: gmer.exe---- Registry - GMER 1.0.15 ----Reg
HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\c3
HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\c3@001edc4d055b
0x4E 0x0E 0xF4 0xC5 ...Reg
HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\c3@001fe485a2e6
0x15 0x31 0x77 0xEC ...Reg
HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\c3@001edc4d656f
0x4C 0x21 0x69 0xC5 ...Reg
HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\c3@001cb36f60cf
0xA6 0x54 0xB5 0xA6 ...Reg
HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\c3@001ee15b9dce
0x0B 0xE6 0x13 0xBB ...Reg
HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\c3@001f6b60b789
0xFB 0x3D 0x78 0x13 ...Reg
HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\c3@ad99
0x6A 0x6B 0xB8 0x73 ...Reg
HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\c3 (not active ControlSet)
HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\c3@001edc4d055b
0x4E 0x0E 0xF4 0xC5 ...Reg
HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\c3@001fe485a2e6
0x15 0x31 0x77 0xEC ...Reg
HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\c3@001edc4d656f
0x4C 0x21 0x69 0xC5 ...Reg
HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\c3@001cb36f60cf
0xA6 0x54 0xB5 0xA6 ...Reg
HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\c3@001ee15b9dce
0x0B 0xE6 0x13 0xBB ...Reg
HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\c3@001f6b60b789
0xFB 0x3D 0x78 0x13 ...Reg
HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\c3@ad99
0x6A 0x6B 0xB8 0x73 ...Reg
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F40B95E9-F9F2-F-437DEC95312F}
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F40B95E9-F9F2-F-437DEC95312F}@haejknjngmdhaoao
0x6B 0x61 0x70 0x6E ...---- Files - GMER 1.0.15 ----File
C:\Windows\Temp\6121fcc9-3a8b-4b95-957e-bbb.tmp
0 bytesFile
C:\Windows\Temp\80c6e2fb-da6e-4c4f-9f16-6a77a2dcecb0.tmp
11995 bytesFile
C:\Windows\Temp\5f943aa9-a879-4bf6-8077-f32.tmp
0 bytesFile
C:\Windows\Temp\a827f8cb-f154-4c9e-b8fb-eaf.tmp
0 bytesFile
C:\Windows\Temp\fb014c03-0ba1-40e9-8e32-bb.tmp
0 bytes---- EOF - GMER 1.0.15 ----
April 21, 2010 at 03:40:37
Navigate to and delete the contents of this folder:C:\Windows\TempPlease download OTL from following site:
1. Save it to your desktop2. Double click the OTL icon on your desktop.3. Click the “scan all users” checkbox.4. Push the “run scan” button.5. Two reports will open, copy and paste them in a reply here: OTL.txt &-- Will be opened Extra.txt &-- Will be minimized The following will be a hugh file so you may have to post it in segment to get all the info to us.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXPlease download OTL from following site:
1. Save it to your desktop2. Double click the OTL icon on your desktop3. Close any open browsers. 4. Double-click on OTL.exe to start the program. Leave all settings as they appear as default, except for the following:Under the Custom Scan box paste this innetsvcs%SYSTEMDRIVE%\*.exe/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sysnvstor32.sysahcix86s.sys/md5stop%systemroot%\*. /mp /sCREATERESTOREPOINTNow click the Run Scan button on the toolbar. The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes. When the scan is complete Notepad will open with the report file loaded in it. Save that notepad file Post the contents of that Notepad document in your next reply.
April 21, 2010 at 22:46:10
OTL Extras logfile created on: 4/21/:55 PM - Run 1OTL by OldTimer - Version 3.2.2.0
Folder = C:\Users\Garris\Documents\Downloads64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstationInternet Explorer (Version = 7.0.)Locale:
| Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 28.00% Memory free8.00 Gb Paging File | 5.00 Gb Available in Paging File | 60.00% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 221.75 Gb Total Space | 51.43 Gb Free Space | 23.19% Space Free | Partition Type: NTFSDrive D: | 11.13 Gb Total Space | 1.86 Gb Free Space | 16.69% Space Free | Partition Type: NTFSE: Drive not present or media not loadedDrive F: | 240.98 Mb Total Space | 39.70 Mb Free Space | 16.47% Space Free | Partition Type: FATG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: GARRISCurrent User Name: GarrisLogged in as Administrator. Current Boot Mode: NormalScan Mode: All usersInclude 64bit ScansCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\&extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\&extension>].cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21---00\SOFTWARE\Classes\&extension>].html [@ = ChromeHTML] -- C:\Users\Garris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\&key>\shell\[command]\command]batfile [open] -- "%1" %* File not foundcmdfile [open] -- "%1" %* File not foundcomfile [open] -- "%1" %* File not foundexefile [open] -- "%1" %* File not foundhelpfile [open] -- Reg Error: Key error.htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %* File not foundregfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1" File not foundscrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)scrfile [open] -- "%1" /S File not foundtxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not foundDirectory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\&key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)scrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 1"UacDisableNotify" = 0"InternetSettingsDisableNotify" = 0"AutoUpdateDisableNotify" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 0"VistaSp1" = 9F 9E 16 8C DC 5B C8 01
[binary data]"VistaSp2" = 40 9A 0F C6 5D 4A CA 01
[binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"oobe_av" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 0"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 0"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"EnableFirewall" = 0"DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{F44-4B0C-A6A3-BC9D20D35138}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare | "{4C48ACCE-3C8A--3E00F11DC616}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare | "{837D02A4--B7D7-E27E42789CAF}" = lport=2869 | protocol=6 | dir=in | app=system | "{A4043D5F-E514-4EF5-92AA-15D58F464398}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare | "{D70A1CC6-FFAE-4DC2-4559A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{D8B9536E-FAB6-4F23-A03A-D}" = lport=666 | protocol=17 | dir=in | name=dshobro 0.4 |
[color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{0764BAEA-C8B3-495F-BF85-109D688014FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{082E1DB4-A03D-40E1-893D-D3FE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{0ED7B48D-34DE-47AD-A96F-47B9EC3A10BB}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe | "{161509FD-18BF-4FEA-86F9-F9DC6F7991EB}" = dir=in | app=c:\program files (x86)\hp\quickplay\qpservice.exe | "{16EC40A7-9D99--13E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{EB-4F49-A62D-75D827D0B20B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{1AD3E90A-9F34-4C4B-8B9A-C515B081253F}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe | "{1ADF8C07-BFF9-4E39-B1C7-E2C536FF60D3}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{1C9AE-4562-A6AF-C43D}" = dir=in | app=c:\program files (x86)\avg\avg9\avgdiagex.exe | "{233BEA0C-7DA5-B-D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{249F5E26-A-96A1-01DC4EC46D73}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{-EFB-39FE23CC8D93}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B4A-443F-BE66-271E3C2DAEA4}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe | "{2DD5D-4E1E-ADB9-F89D1D4E1A4B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{60-4DB1-87C9-0CF46DEE4F04}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{34B3BD6B-4CF7-FB0B07EFFE}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe | "{369AA7E9-899F-4B91-B9D6-E1B9C270C547}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe | "{37ABF643-ED76-4515-BB28-EE2F7809FB27}" = dir=in | app=c:\program files (x86)\avg\avg9\avgupd.exe | "{3EA6-4B01-BE20-FE3}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe | "{3F00F901-F3C4-F6}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe | "{A6-477E-AF8540}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{42FA-43B1-8C6D-803F1ABD4D22}" = dir=in | app=c:\program files (x86)\avg\avg9\avgnsa.exe | "{473CBADA-81AC-4CC9-A0F2-3283EFB0A768}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{4D02F358-26DF-41CA-BCB6-2F673E27FE12}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{5028FDBD-4703-40AE-993D-A17F}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe | "{533300FB-0BE1-4EAB-823A-FB4DF537D01E}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{53F51EA7-B193-461A-B519-B4B67A239D0E}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | "{56F8F21-9AAB-3C1B}" = protocol=17 | dir=in | app=c:\nexon\combat arms\nmservice.exe | "{5E58F8D1-4BBE-4A21-B025-779827CDDD7D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{5FD2E120-38FA-44CC-BE36-EFB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{626E6FF5-FD59-4301-84BB-38EB8871BDE3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{64A00D49-09A3-4BE7-9F08-6AEAF8690710}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{22-4D0C-83F4-}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe | "{68CE88AA-3CC7-4C74-B14C-B9F5B69EC10C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{69FCDE85-B093-4744-AE71-D359CA95E568}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | "{6D7DB448-5A64-46FE-9EA8-7BF2}" = protocol=6 | dir=in | app=c:\program files (x86)\aim6\aim6.exe | "{70C38BEE-48D0-4B9B-F9DB29F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{726CC08E--B2D8-DBA16C01ADDC}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdncoms.exe | "{789765BD-0BB5-46DE-AE32-05}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{78E3AE40-2E9F-41E6-906C-036E960FA3BC}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{7AFF2813-DF07-4249-BA70-339AA9126AC8}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{84EF8AE2-F8B2-47CA-A9FD-B50BA2105D01}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{87FC6A70-76A4-47E1-BF31-F27D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{95A09FA6-B23E-40E5-9C7D-795F4BFA0406}" = dir=in | app=c:\program files (x86)\avg\avg9\avgam.exe | "{AF3-454F-BDC2-9A63FCD0BF95}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{9CF8-46DA-9EC2-059A9EAA8B58}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{9E713B9E-BE77-4D3A-B7B0-7A546A500D01}" = protocol=17 | dir=in | app=c:\nexon\combat arms\nmservice.exe | "{A15C8639-BE1A-4747-AB91-DE25D5440A03}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{A2A601C3-5C96-43C9-BE33-C51AC4E84E35}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{A5013286-DB8B-420B-BA27-F8}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | "{A7C39AD1-0E39-495F-9A5E-320FAB768EC0}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{AC0C2FFB-F824-4EFF-A98F-2C1DEA123A50}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{AC5BEEAD-12A3-4F3F-92F3-D2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{AF1C52B1-DC32-4A3F-BB1C-3D9DA6FF0F89}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{BDF8--212D65D086A1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{B282F940-1A2A-4C3E-9903-A92FCD0AF8CC}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe | "{BF0-4DAA-8E3C-333E06C90818}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{BDC02068-DF18-A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{BF49A39F-7C2B-4DE2-AD41-25FDEB287C54}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{BFD9D146-896F-4D67-B3AE-B6E33AA4B799}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{CC8C81BD-472E-4BBD-AD63-}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe | "{CDEE851F-3FE8-4ADA-9D92-991C930E8DDB}" = protocol=17 | dir=in | app=c:\program files (x86)\aim6\aim6.exe | "{CE5DF42C-954A-433D-B89B-A12ED4608AB0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{D283CD51-F326-48B5-BAD8-CAE82B3F3D17}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{DD591DD5--AD80-BFA}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{DEA1C-461D-893D-1D807CE233AC}" = protocol=6 | dir=in | app=c:\nexon\combat arms\nmservice.exe | "{DFAC2BBC-29C2-4FE2-A001-81ACA3653412}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe | "{E32B44BF-9F33-866ADBD220}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{E757CE05-F5AD-4B2C-A72E-ECF}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdncoms.exe | "{E95D211F-EFBA-4E56-B449-13C1CFBA4500}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe | "{EAF9D1E0-34E1-4CA1-B71D-BFDFDBBBA35D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{EBF4C4AA-A62F-4B26-BB66-AB5}" = protocol=6 | dir=in | app=c:\nexon\combat arms\nmservice.exe | "{EC713003-CA8B-48C9-9963-DD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{EE1B3FFE-129C-4CD4-C6DCF8}" = dir=in | app=c:\program files (x86)\hp\quickplay\qp.exe | "{F0B472A7--B31F-E6F09AA23A6D}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{F12F84F3-D-B962-DDE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F7E0CFF9-268D-4A0F-AF46-EA}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F9AD8C2D-D335-449A-A469-F6C07B86EA57}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{FD44EB8D-B-BDA5-A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{FE238A52-BB30-41B6-99E1-34F5F45B265B}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe | "TCP Query User{05B6D3C8-B5F2-4DC7-801E-E2D6D75C108F}C:\users\garris\desktop\[2955]dshobro04\server.exe" = protocol=6 | dir=in | app=c:\users\garris\desktop\[2955]dshobro04\server.exe | "UDP Query User{A83E81B4-9D8E-F90AC4E9FB}C:\users\garris\desktop\[2955]dshobro04\server.exe" = protocol=17 | dir=in | app=c:\users\garris\desktop\[2955]dshobro04\server.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{03DF-E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200"{071c9b48-7c32-4621-a0ac-3ff}" = Microsoft Visual C++ 2005 Redistributable (x64)"{0E6C415F-F-88BDCA}" = Apple Mobile Device Support"{1AD2F8FE-A357-4728-BDF8-B92D794CE793}" = HP QuickTouch 1.00 D2"{2F97CE84-9C33-EA371EA254}" = ProtectSmart Hard Drive Protection"{5660022E-F3F2--EB}" = Microsoft Windows Live OneCare Resources v2.5.2900.30"{5AB0C6D3-E546-44C2-8B63-C9044FCC9AC0}" = iTunes"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center"{8641C1CB-03B3-41d4-8DEC-C0E}" = HP Photosmart All-In-One Software 8.0"{A-00000FF1CE}" = Microsoft Office Office 64-bit Components 2007"{A-00000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007"{6-00000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update"{B9-00000FF1CE}" = Microsoft Application Error Reporting"{9F560BEB-021F-43AC-825F-AA}" = 64 Bit HP CIO Components Installer"{B6E-A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0."{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{D07A8E7E-D324-4945-BA8C-E532AD008FF3}" = Microsoft Windows OneCare Live v2.5.2900.30"{D6F907C2--B608-42A}" = Microsoft Protection Service"{E26B83D1-C0BB-41BC-8F44-31D5354DD6AF}" = Microsoft Windows OneCare Live AntiSpyware and AntiVirus"Agere Systems Soft Modem" = Agere Systems HDA Modem"HDMI" = Intel(R) Graphics Media Accelerator Driver"HP Imaging Device Functions" = HP Imaging Device Functions 8.0"HP Photosmart Essential" = HP Photosmart Essential 2.5"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0"HPExtendedCapabilities" = HP Customer Participation Program 8.0"HPOCR" = HP OCR Software 8.0"Lexmark 2600 Series" = Lexmark 2600 Series"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer"{01FB-4431-85ED-079E3EEFE75D}" = CyberLink YouCam"{06E74B9B-631F-4378-BF3A-40D}" = HPPhotoSmartPhotobookHolidayPack1"{-5DD8-4600-BCE5-48BF}" = HP Doc Viewer"{0D2E9DCB-E-B4DD-FF}" = AIO_Scan"{0DC6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0"{12AE-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1"{BB-F-2FAE}" = TBS WMP Plug-in"{15BC8CD0-A65B-47D0-A2DD-90A}" = Microsoft Works"{172AEB5E-CBB2-4CDD-A4CF-}" = HPPhotoSmartPhotobookPlayfulPack1"{1746EA69-DCB6--E75F55439CDF}" = Scan"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg"{18DEAFAACFC}" = AutoUpdate"{1FBF6C24-C1FD-C564F9E8E79}" = CyberLink DVD Suite"{205C6BDD-7B73-42DE-F35A238}" = Windows Live Upload Tool"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT"{254C37AA-6B72--98AE}" = Hewlett-Packard Active Check for Health Check"{26A24AE4-039D-4CA4-87B4-2FFF}" = Java(TM) 6 Update 18"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)"{0-4C96-B754-AB}" = HP Help and Support"{--A77B-00B0D0160050}" = Java(TM) 6 Update 5"{--A77B-00B0D0160070}" = Java(TM) 6 Update 7"{34BFB099-07B2-4E95-A673-A2}" = PSSWCORE"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1"{35F8-46B7-B8A8-ADA7C2AC5645}" = muvee autoProducer 6.1"{380357CA-29F4-4B3C-B401-32C057E6B59B}" = HP Smart Web Printing"{A91-4469-BA4D-13FFFCC8A920}" = Microsoft Windows OneCare Live v2.5.2900.24 Idcrl Install"{38B345-9A22-53}" = C4200"{3B4E636E-9D65-4D67-BA61-}" = Windows Live Communications Platform"{3CF5C897-579C-4CC2-9D17-14B3E70E417C}" = firedog advisor"{3DB8-45C0-B956-BB}" = Windows Live Movie Maker"{40BF1E83-20EB-11D8-97C5-}" = Power2Go"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc"{4A0A-F}" = Java Auto Updater"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout"{50CE21D8-0F44-4f3f-A392-7F9AD3194DEF}" = PS_AIO_Software"{582287DA--BF19-C15E3A466034}" = LightScribe System Software
1.12.33.2"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library"{6412CECE--935B-6CECACD2CA87}" = Windows Live Mail"{F-40FD-A55D-CFC92579B9BA}" = PX Engine"{65DA2EC9--AAE2-B}" = Activation Assistant for the 2007 Microsoft Office suites"}