Hello,

My system is infected with Malwear zbinmoea.exe. I can see it listed multiple times in the Task Manager and I was unable to remove it with my Anti-Virus program or by re-installing & un-installing Google Chrome.




Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 6051 Mb
Graphics Card: Intel(R) HD Graphics Family, -1262 Mb
Hard Drives: C: Total - 698475 MB, Free - 487953 MB; E: Total - 1907626 MB, Free - 324230 MB;
Motherboard: TOSHIBA, POQAA
Antivirus: Norton 360, Updated and Enabled

uninstall Heimdal
then

Delete any existing version of ComboFix you might already have sitting on your desktop or in downloads folder
Do not edit or remove any information or user names etc, otherwise we cannot fix the problem. If you insist on editing out anything then I will close the topic & refuse to offer any help.

Download ComboFix from Hereto your Desktop or your downloads folder.

**Note: It is important that it is saved directly to your desktop or downloads folder and run from either the desktop or the downloads folder and not any other folder on your computer**
--------------------------------------------------------------------
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

• Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all
• Click on THIS LINK to see instructions on how to temporarily disable many security programs while running combofix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
• Remember to re enable the protection again after combofix has finished

--------------------------------------------------------------------
2. Close any open browsers and any other programs you might have running
If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" for further review


****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.Read HERE why we disable autoruns

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

Please tell us if it has cured the problems or if there are any outstanding issues

*EXTRA NOTES*

• If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
• If Combofix reboot is due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
• If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

Post the log in next reply please...

You're welcome!

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: AMD FX(tm)-9370 Eight-Core Processor, AMD64 Family 21 Model 2 Stepping 0
Processor Count: 8
RAM: 16344 Mb
Graphics Card: AMD Radeon HD 7900 Series, -1024 Mb
Hard Drives: C: Total - 228933 MB, Free - 153242 MB; G: Total - 953866 MB, Free - 398886 MB;
Motherboard: Gigabyte Technology Co., Ltd., 990FXA-UD5
Antivirus: Ad-Aware Antivirus, Disabled

Don't normally have a problem removing these sorts of things myself but this has really got me stumped.

I use Chrome as my default browser, it is infested with inbedded adverts, popups and redirecting.

I have used Hijackthis and removed everything that looked suspicious (can supply a log)

I have removed all extensions within chrome that I didnt chose to install. I have removed all of the search engines except for google. I tried disabling every extension but it had no impact on the adds.

I have used spybot search and destroy 2.4 which finds no problems.

I have Ad-aware antivirus which finds no problems.

Avast-browser-cleanup says there is nothing wrong with my browser

I used adwcleaner_4.105 which doesnt find anything.

I did find some program files called gifter, cheapdeals and similar which have been deleted.

I have gone through the add/remove programs and cannot find anything on there that I cant identify.

Nothing seems to have an impact on it, im struggling because none of the software I have used shows me anything is wrong.

I have somehow gotten an annoying "Topdeal" virus/malware on my computer. I've run SuperAntivirus twice and MalWarebytes once. I quarantined or cleaned the items found. Although the info shows no antivirus on this computer, I do have Windows Defender for what it's worth.
Thanks so much for any help! Hijack This report below...

Peachy

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz, x64 Family 6 Model 15 Stepping 13
Processor Count: 2
RAM: 2037 Mb
Graphics Card: Mobile Intel(R) 965 Express Chipset Family, 448 Mb
Hard Drives: C: Total - 101608 MB, Free - 41570 MB; D: Total - 10239 MB, Free - 5448 MB;
Motherboard: Dell Inc., 0WP007
Antivirus: None
-----------------
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 6:49:02 PM, on 12/14/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16599)

FIREFOX: 33.1 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\eFax Messenger 4.4\J2GTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Tricia\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [eFax 4.4] "C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe" /R
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Startup: eFax 4.4.lnk = C:\Program Files\eFax Messenger 4.4\J2GTray.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\Windows\system32\hasplms.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6139 bytes

I did not find any potentially harmful software detected under action center and the previously archived message with the Win32/small.ca notification is gone.

I ran the requested logs while in safe mode:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.17496 BrowserJavaVersion: 10.71.2
Run by Andrew Dippel at 19:49:28 on 2014-12-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6058.4423 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Sophos Anti-Virus *Disabled/Updated* {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Sophos Anti-Virus *Disabled/Updated* {D0CA1913-188C-B293-ABD7-B72CB1814094}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
C:\windows\Explorer.EXE
C:\windows\system32\ctfmon.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://camel2.usc.edu/OASIS/Login.aspx
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} -
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Norton Safe Web Lite BHO: {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll
TB: Norton Safe Web Lite: {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll
uRun: [KakaoTalk] "C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe" -bystartup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\ANDREW~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startu p\Dropbox.lnk - C:\Users\Andrew Dippel\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{EAF1B165-B211-40B2-BB68-593526ED9C4D} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EAF1B165-B211-40B2-BB68-593526ED9C4D}\84B45502F40756E60275966496 : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{EAF1B165-B211-40B2-BB68-593526ED9C4D}\F62716E67656024796765627 : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll, C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [IntelliType Pro] "C:\Program Files\Microsoft Device Center\itype.exe"
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft Device Center\ipoint.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andrew Dippel\AppData\Roaming\Mozilla\Firefox\Profiles\y0jjdhv5.default\
FF - prefs.js: browser.search.selectedEngine - DuckDuckGo
FF - prefs.js: browser.startup.homepage - hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http://mail.google.com/mail/&scc=1&ltmpl=default&ltmplcache=2
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2011-8-11 25960]
R2 SAVService;Sophos Anti-Virus;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2014-10-14 208168]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2012-1-2 186152]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-2 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-2 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-8-10 425064]
S0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2014-12-13 65776]
S0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2014-12-13 267632]
S0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
S1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2014-12-13 1050432]
S1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2014-12-13 436624]
S1 ccSet_NST;Norton Safe Web Lite Settings Manager;C:\windows\System32\drivers\NSTx64\0200000.010\ccSetx64.sys [2012-1-15 167048]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-8-10 13824]
S1 SAVOnAccess;SAVOnAccess;C:\windows\System32\drivers\savonaccess.sys [2014-5-20 158976]
S2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-12-13 29208]
S2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2014-12-13 83280]
S2 aswStm;aswStm;C:\windows\System32\drivers\aswStm.sys [2014-12-13 116728]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-13 50344]
S2 BackupService;BackupService;C:\Users\Andrew Dippel\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2012-1-2 83512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-6-13 498688]
S2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2014-12-13 127752]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-12-13 1871160]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-12-13 969016]
S2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-1-20 125584]
S2 NSL;Norton Safe Web Lite;C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [2012-1-15 138760]
S2 SAVAdminService;Sophos Anti-Virus status reporter;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2014-5-20 288552]
S2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2014-11-28 1363160]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2014-11-28 765144]
S2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2014-10-14 341800]
S2 Sophos Web Control Service;Sophos Web Control Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [2014-10-14 341800]
S2 swi_service;Sophos Web Intelligence Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2014-10-14 3262248]
S2 swi_update_64;Sophos Web Intelligence Update;C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2012-9-14 2065704]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-10 2655768]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-6-13 986112]
S3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;C:\windows\System32\drivers\bpenum.sys [2011-5-18 84480]
S3 bpmp;Intel(R) Centrino(R) WiMAX 6050 Series;C:\windows\System32\drivers\bpmp.sys [2011-5-18 182272]
S3 bpusb;Intel(R) Centrino(R) WiMAX 6050 Series Function Driver;C:\windows\System32\drivers\bpusb.sys [2011-5-18 83968]
S3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2010-11-10 31088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-12-9 114688]
S3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-8-11 317440]
S3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-1-5 25816]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-12-13 129752]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac. sys [2014-12-13 63704]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-4 340240]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S3 PSI;PSI;C:\windows\System32\drivers\psi_mf_amd64.sys [2014-11-28 18456]
S3 Samsung UPD Service;Samsung UPD Service;C:\windows\System32\SUPDSvc.exe [2011-8-11 166704]
S3 sdcfilter;sdcfilter;C:\windows\System32\drivers\sdcfilter.sys [2014-5-20 38144]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-1-7 1255736]
S3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-11-30 42392]
S4 SophosBootDriver;SophosBootDriver;C:\windows\System32\drivers\SophosBootDri ver.sys [2014-5-20 27904]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-14 22:21:38 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{651280D4-6FFF-4BA6-B8FC-8B5B2909ED16}\mpengine.dll
2014-12-14 02:09:40 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-14 01:48:26 -------- d-----w- C:\Users\Andrew Dippel\AppData\Local\ElevatedDiagnostics
2014-12-14 01:44:57 -------- d-----w- C:\Users\Andrew Dippel\AppData\Roaming\AVAST Software
2014-12-14 00:38:41 -------- d-----w- C:\Users\Andrew Dippel\AppData\Local\Secunia PSI
2014-12-14 00:38:35 -------- d-----w- C:\Program Files (x86)\Secunia
2014-12-14 00:31:26 -------- d-----w- C:\Users\Andrew Dippel\AppData\Local\Google
2014-12-14 00:31:18 83280 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-12-14 00:31:18 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-12-14 00:31:18 267632 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-12-14 00:31:18 116728 ----a-w- C:\windows\System32\drivers\aswStm.sys
2014-12-14 00:31:17 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-12-14 00:31:17 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-12-14 00:31:17 1050432 ----a-w- C:\windows\System32\drivers\aswsnx.sys
2014-12-14 00:31:00 43152 ----a-w- C:\windows\avastSS.scr
2014-12-14 00:30:05 -------- d-----w- C:\Program Files\AVAST Software
2014-12-14 00:29:45 -------- d-----w- C:\ProgramData\AVAST Software
2014-12-13 23:52:08 -------- d-----w- C:\Program Files\HitmanPro
2014-12-13 23:51:24 -------- d-----w- C:\ProgramData\HitmanPro
2014-12-13 23:28:55 -------- d-sh--w- C:\Users\Andrew Dippel\AppData\Local\EmieBrowserModeList
2014-12-13 09:47:35 129752 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-12-13 09:45:16 93400 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-12-13 09:45:16 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-12-13 09:45:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-13 09:44:51 -------- d-----w- C:\Users\Andrew Dippel\AppData\Local\Programs
2014-12-11 00:49:02 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5C6655B8-0081-4F1D-B43A-70E0704DF6B7}\gapaengine.dll
2014-12-10 21:27:48 -------- d-----w- C:\windows\System32\appraiser
2014-12-10 07:52:19 55808 ----a-w- C:\windows\System32\rrinstaller.exe
2014-12-10 07:52:19 24576 ----a-w- C:\windows\System32\mfpmp.exe
2014-12-10 07:52:19 2048 ----a-w- C:\windows\SysWow64\mferror.dll
2014-12-10 07:52:19 2048 ----a-w- C:\windows\System32\mferror.dll
2014-12-10 07:52:18 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
2014-12-10 07:52:18 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
2014-12-10 07:52:18 206848 ----a-w- C:\windows\System32\mfps.dll
2014-12-10 07:52:18 103424 ----a-w- C:\windows\SysWow64\mfps.dll
2014-12-10 07:52:17 3209728 ----a-w- C:\windows\SysWow64\mf.dll
2014-12-10 07:52:15 4121600 ----a-w- C:\windows\System32\mf.dll
2014-12-09 22:56:57 830976 ----a-w- C:\windows\System32\appraiser.dll
2014-12-09 22:54:57 165888 ----a-w- C:\windows\System32\charmap.exe
2014-12-03 06:31:20 227048 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-11-28 12:02:18 18456 ----a-w- C:\windows\System32\drivers\psi_mf_amd64.sys
2014-11-18 23:09:31 728064 ----a-w- C:\windows\System32\kerberos.dll
2014-11-18 23:09:31 241152 ----a-w- C:\windows\System32\pku2u.dll
2014-11-18 23:09:31 186880 ----a-w- C:\windows\SysWow64\pku2u.dll
2014-11-18 23:09:30 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-11-18 19:56:48 1202848 ----a-w- C:\windows\SysWow64\FM20.DLL
.
==================== Find3M ====================
.
2014-12-14 02:53:34 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-14 02:53:34 701616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-12-04 02:50:55 413184 ----a-w- C:\windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\windows\System32\devinv.dll
2014-12-04 02:50:37 227328 ----a-w- C:\windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\windows\System32\aitstatic.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-11-22 02:35:43 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2014-11-22 02:35:29 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-11-22 01:55:16 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-11-22 01:54:30 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2014-11-21 11:14:08 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-11-11 03:09:06 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 01:46:26 119296 ----a-w- C:\windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-10-30 11:25:26 275080 ------w- C:\windows\System32\MpSigStub.exe
2014-10-30 01:45:43 155136 ----a-w- C:\windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\windows\SysWow64\packager.dll
2014-10-19 02:09:45 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-18 02:05:23 861696 ----a-w- C:\windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\windows\System32\win32k.sys
2014-10-03 02:12:23 310272 ----a-w- C:\windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\windows\SysWow64\WSManHTTPConfig.exe
2014-10-02 18:23:20 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
2014-10-02 18:23:20 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
2014-09-25 02:08:38 371712 ----a-w- C:\windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\windows\SysWow64\credssp.dll
.
============= FINISH: 19:51:35.28 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/2/2012 2:55:16 PM
System Uptime: 12/14/2014 7:45:31 PM (0 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | QX311/QX411/QX412/QX511
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz | CPU | 2394/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 231 GiB total, 151.457 GiB free.
D: is FIXED (NTFS) - 345 GiB total, 344.535 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! Revert
Device ID: ROOT\LEGACY_ASWRVRT\0000
Manufacturer:
Name: avast! Revert
PNP Device ID: ROOT\LEGACY_ASWRVRT\0000
Service: aswRvrt
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! VM Monitor
Device ID: ROOT\LEGACY_ASWVMM\0000
Manufacturer:
Name: avast! VM Monitor
PNP Device ID: ROOT\LEGACY_ASWVMM\0000
Service: aswVmm
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP304: 11/22/2014 3:11:26 PM - Windows Update
RP305: 11/26/2014 8:18:14 AM - Windows Update
RP306: 11/29/2014 3:15:59 PM - Windows Update
RP307: 12/2/2014 6:45:04 PM - Windows Update
RP308: 12/5/2014 10:45:19 PM - Windows Update
RP309: 12/9/2014 5:56:18 PM - Windows Update
RP310: 12/10/2014 2:47:55 AM - Windows Update
RP311: 12/13/2014 3:00:17 AM - Windows Update
RP312: 12/14/2014 4:10:37 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
???? ??? Windows Live
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
???????? ?????????? Windows Live
?????????? Windows Live
??????????? ?? Windows Live
Adobe AIR
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Reader XI (11.0.10)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Asmedia ASM104x USB 3.0 Host Controller Driver
Avast Free Antivirus
„Windows Live Essentials“
„Windows Live Mail“
„Windows Live Messenger“
„Windows Live“ fotogalerija
BatteryLifeExtender
Best Buy pc app
Bonjour
Chinese Traditional Fonts Support For Adobe Reader X
CyberLink Media Suite
CyberLink Media+ Player10
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink YouCam
D3DX10
Dropbox
EAP-GTC-x64
Easy Content Share
Easy Display Manager
Easy Migration
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
EasyFileShare
eSupport UndeletePlus 3.0.3.1025
ETDWare PS/2-X64 10.0.7.2_WHQL
Fast Start
Fotogalerija Windows Live
FrontDoorSoftware 10.04
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galería fotográfica de Windows Live
Google Chrome
Google Update Helper
HitmanPro 3.7
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
Intel® PROSet/Wireless WiMAX Software
iTunes
Japanese Fonts Support For Adobe Reader X
Java 7 Update 71
Java Auto Updater
Junk Mail filter update
KakaoTalk
Korean Fonts Support For Adobe Reader X
LINE
Malwarebytes Anti-Malware version 2.0.4.1028
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Movie Color Enhancer
Mozilla Firefox 34.0.5 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Norton Safe Web Lite
NVIDIA Display Control Panel
NVIDIA Graphics Driver 266.72
NVIDIA Install Application
NVIDIA Optimus 1.0.15
NVIDIA Update Components
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Pošta Windows Live
QuickTime 7
Raccolta foto di Windows Live
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
S?????? f?t???af??? t?? Windows Live
Samsung AnyWeb Print
Samsung Printer Live Update
Samsung Recovery Solution 5
Samsung Universal Print Driver
Samsung Universal Scan Driver
Samsung Update Plus
Secunia PSI (3.0.0.10004)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition
Skype™ 6.18
Sophos Anti-Virus
Sophos AutoUpdate
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User Guide
Windows Live
Windows Live ??
Windows Live ?? ???
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Foto-galerija
Windows Live fotoattelu galerija
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Pošta
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
.
==== Event Viewer Messages From Past Week ========
.
12/14/2014 7:49:09 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/14/2014 7:46:38 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
12/14/2014 7:46:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/14/2014 7:46:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/14/2014 7:46:29 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 21
12/14/2014 7:46:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/14/2014 7:46:12 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswVmm ccSet_NST discache MpFilter SABI SAVOnAccess spldr Wanarpv6
12/14/2014 7:46:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/14/2014 7:46:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service SAVAdminService with arguments "" in order to run the server: {E0577DBF-0123-41F6-BBC7-9E1C94630FD9}
12/14/2014 7:46:09 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/14/2014 7:45:47 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Sophos Web Control Service service to connect.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7001] - The Server SMB 2.xxx Driver service depends on the srvnet service which failed to start because of the following error: The media is write protected.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7001] - The Server SMB 1.xxx Driver service depends on the Server SMB 2.xxx Driver service which failed to start because of the following error: The dependency service or group failed to start.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7001] - The Server service depends on the Server SMB 1.xxx Driver service which failed to start because of the following error: The dependency service or group failed to start.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7001] - The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7001] - The Intel® PROSet/Wireless WiMAX Red Bend Device Management Service service depends on the Intel® PROSet/Wireless WiMAX Service service which failed to start because of the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The TCP/IP Registry Compatibility service failed to start due to the following error: The media is write protected.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The srvnet service failed to start due to the following error: The media is write protected.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The Sophos Web Intelligence Service service failed to start due to the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The Sophos Web Control Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The Network Connections service failed to start due to the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The Microsoft Network Inspection service failed to start due to the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The MBAMWebAccessControl service failed to start due to the following error: The media is write protected.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The Intel® PROSet/Wireless WiMAX Service service failed to start due to the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The Distributed Link Tracking Client service failed to start due to the following error: The system cannot find the path specified.
12/14/2014 7:45:07 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The system cannot find the path specified.
12/14/2014 7:44:46 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...ume2\ProgramData\AVAST Software\Avast\journal\journal0999D8F3]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process AvastSvc.exe, (start check timestamp [ 1d017e479b3a793]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...story\Results\Resource\{8CA8C7F9-F2D9-44C3-A6D0-A36FD16BFEBA}]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process MsMpEng.exe, (start check timestamp [ 1d017e316b64c67]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...ft\CryptnetUrlCache\MetaData\E48DDEA3BF68DF580551FA0F27950B54]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process System, (start check timestamp [ 1d017e479b52e33]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...ft\CryptnetUrlCache\MetaData\E48DDEA3BF68DF580551FA0F27950B54]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process System, (start check timestamp [ 1d017e3183b8cfb]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...a\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\retailer.dll]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process MsMpEng.exe, (start check timestamp [ 1d017e317568415]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume2\windows\system32\upnp.dll]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1d017e479becb31]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume2\windows\system32\upnp.dll]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1d017e31d791af7]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume2\windows\system32\igfxsrvc.exe]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1d017e479b6b4d3]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume2\windows\system32\igfxsrvc.exe]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1d017e31911539f]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume2\Windows\Installer\MSIF8B7.tmp]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1d017e479b9c213]).
12/14/2014 4:25:25 PM, Error: SAVOnAccess [84] - "Savservice threads busy" condition cleared - "busy" messages may be logged to system event log again from this point.
12/14/2014 4:25:24 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1d017e3131c8381]) filename continues: "...tup\setup.ini"
12/14/2014 4:25:23 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1d017e312c6c23d]) filename continues: "...e"
12/14/2014 4:25:22 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1d017e3122b1e6e]) filename continues: "...t5.ini"
12/14/2014 4:25:22 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1d017e31212b46c]) filename continues: "...fs\14121401\exts.dll"
12/14/2014 4:25:22 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1d017e3120064ea]) filename continues: "...fs\aswdefs.ini"
12/14/2014 4:25:21 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1d017e311f122a9]) filename continues: "...t5.ini"
12/14/2014 4:25:21 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1d017e311c7efc5]) filename continues: "...i-Virus\Web Control\swc_service.exe"
12/14/2014 4:25:21 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1d017e311c04ea4]) filename continues: "...tup\setup.ini"
12/14/2014 4:16:46 PM, Error: SAVOnAccess [83] - To avoid filling up the system event log, "Savservice threads busy" and similar messages will not be logged until after the service has recovered again
12/14/2014 4:16:46 PM, Error: SAVOnAccess [564] - Communication error between on-access driver and service for access of registry value [plorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count HRZR_PGYFRFFVBA] by process explorer.exe.
12/14/2014 4:16:46 PM, Error: SAVOnAccess [564] - Communication error between on-access driver and service for access of registry value [lorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count R7PS176R110P211O] by process explorer.exe.
12/14/2014 4:16:46 PM, Error: SAVOnAccess [564] - Communication error between on-access driver and service for access of registry value [\REGISTRY\USER\S-1-5-21-3713403787-902763941-3706826174-1001\Software\Microsoft\Windows\Curre ] by process .
12/13/2014 9:50:18 PM, Error: Service Control Manager [7034] - The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s).
12/13/2014 9:00:52 PM, Error: Service Control Manager [7022] - The NVIDIA Update Service Daemon service hung on starting.
12/13/2014 8:57:56 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
12/13/2014 8:57:51 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
12/13/2014 8:40:47 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
12/13/2014 8:39:47 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error: A system shutdown is in progress.
12/13/2014 8:39:47 PM, Error: Service Control Manager [7001] - The Intel® PROSet/Wireless WiMAX Red Bend Device Management Service service depends on the Intel® PROSet/Wireless WiMAX Service service which failed to start because of the following error: The pipe has been ended.
12/13/2014 8:39:47 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The pipe has been ended.
12/13/2014 8:39:47 PM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: A system shutdown is in progress.
12/13/2014 8:39:45 PM, Error: Service Control Manager [7000] - The Intel® PROSet/Wireless WiMAX Service service failed to start due to the following error: The pipe has been ended.
12/13/2014 7:31:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
12/13/2014 7:31:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
12/13/2014 6:38:57 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.189.1965.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.11202.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
12/13/2014 6:38:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/13/2014 6:28:28 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ccSet_NST discache MpFilter SABI SAVOnAccess spldr Wanarpv6
12/13/2014 6:28:06 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
12/13/2014 6:16:08 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.189.1965.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.11202.0 Error code: 0x80080005 Error description: Server execution failed
12/13/2014 6:15:38 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147014874
12/13/2014 6:05:17 PM, Error: Service Control Manager [7022] - The Sophos Web Intelligence Update service hung on starting.
12/13/2014 4:32:38 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Sophos Anti-Virus service to connect.
12/13/2014 4:32:38 AM, Error: Service Control Manager [7000] - The Sophos Anti-Virus service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/13/2014 10:47:54 PM, Error: Service Control Manager [7034] - The Secunia PSI Agent service terminated unexpectedly. It has done this 2 time(s).
12/12/2014 7:35:41 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
12/10/2014 8:32:57 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer DONNA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{EAF1B165-B211-40B2-BB68-593526ED9C4D}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================

My CPU usage is running near 100% most of the time.
I can end each Vrxqznhkb.exe process but either they don't end or others open in their place.
I uninstalled Chrome and this is still running.
I went into safe mode and deleted Vrxqznhkb, but it came back when I got out of safe mode.
I ran Ad Aware, Norton, CCleaner and Malwarebytes and nothing seems to find or solve this.
I googled and can't find a reference to this process.
Not sure if this is a virus, etc or a problem with Chrome. HELP!


The process is located in: C:\Users\JoAnn\AppData\LocalLow\Microsoft\Ktjdordr\dibpbmv\Vrxqznhkb.exe


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 6109 Mb
Graphics Card: Intel(R) G45/G43 Express Chipset, -1265 Mb
Hard Drives: C: Total - 938919 MB, Free - 678865 MB;
Motherboard: Gateway, SX2803
Antivirus: Norton 360, Updated and Enabled






Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 7:24:51 PM, on 12/14/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
FIREFOX: 20.0.1 (en-US)
Boot mode: Normal
Running processes:
C:\Users\JoAnn\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Users\JoAnn\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\JoAnn\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\APPINTEGRATOR.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.exe
C:\Users\JoAnn\AppData\LocalLow\Microsoft\Ktjdordr\dibpbmv\Vrxqznhkb.exe
C:\Users\JoAnn\AppData\LocalLow\Microsoft\Ktjdordr\dibpbmv\Vrxqznhkb.exe
C:\Users\JoAnn\AppData\LocalLow\Microsoft\Ktjdordr\dibpbmv\Vrxqznhkb.exe
C:\Users\JoAnn\AppData\LocalLow\Microsoft\Ktjdordr\dibpbmv\Vrxqznhkb.exe
C:\Users\JoAnn\AppData\LocalLow\Microsoft\Ktjdordr\dibpbmv\Vrxqznhkb.exe
C:\Users\JoAnn\AppData\LocalLow\Microsoft\Ktjdordr\dibpbmv\Vrxqznhkb.exe
C:\Users\JoAnn\AppData\LocalLow\Microsoft\Ktjdordr\dibpbmv\Vrxqznhkb.exe
C:\Users\JoAnn\AppData\LocalLow\Microsoft\Ktjdordr\dibpbmv\Vrxqznhkb.exe
C:\Users\JoAnn\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {9b138bf3-1d40-4e7e-84bb-2975198ad938} - C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zSrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Toolbar BHO - {0297a026-3011-46d3-ad62-bb9a7612aea7} - C:\PROGRA~2\COUPON~2\bar\1.bin\5zbar.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Search Assistant BHO - {7d69ed06-0171-4379-9528-08df51092727} - C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zSrcAs.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll
O3 - Toolbar: CouponXplorer - {65c72339-fb1d-4155-84e1-9afacee02d6f} - C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zbar.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CouponXplorer EPM Support] "C:\PROGRA~2\COUPON~2\bar\1.bin\5zmedint.exe" T8EPMSUP.DLL,S
O4 - HKLM\..\Run: [CouponXplorer AppIntegrator 32-bit] C:\PROGRA~2\COUPON~2\bar\1.bin\AppIntegrator.exe
O4 - HKLM\..\Run: [CouponXplorer AppIntegrator 64-bit] C:\PROGRA~2\COUPON~2\bar\1.bin\AppIntegrator64.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SansaDispatch] C:\Users\JoAnn\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [dgifblmwktkn] regsvr32.exe /s "C:\Users\JoAnn\AppData\Local\{7C472CA5-F5F7-4F27-993B-CFE3E5CF392E}\dgifblmwktkn.dll"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418603497
O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = JoAnn\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Launch Utility Application.lnk = JoAnn\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Belkin USB Wireless Adaptor Utility.lnk = C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Coupon Printer Service (CouponPrinterService) - Coupons.com Inc. - C:\Program Files (x86)\Coupons\CouponPrinterService.exe
O23 - Service: CouponXplorerService (CouponXplorer_5zService) - Mindspark - C:\PROGRA~2\COUPON~2\bar\1.bin\5zbarsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Belkin WLAN service (WLANBelkinService) - Unknown owner - C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12478 bytes

every time i turn on my laptop.... ' %hs is missing'
what should i do....can anybody help me to fix this

I uninstalled some "junk" and disabled my IE add-ons and accelarators but it still freezes. Clt-Alt-Delete does nothing - I have to hit the power button to reset it.

Hello, I am currently running Windows 7 on an HP Compaq. Something happened about two weeks ago and I would really appreciate some assistance please. Windows Media Center took over my PC, I cant do anything without it popping up, ie: downloads,updates, installations, etc. Can anyone please help me?

My HP EliteBook 8440p running WIN7 ULTIMATE got an ADWARE:[SIZE="4"] C:\Program Files\MophSsjaeroscorrhodu\ MophSsjaeroscorrhoduHelper.exe[/SIZE] which is causing a lot of problems and after trying to get rid of it, seems impossible!!! PLEASE help me to get rid of this HEADACHE!!!!
Thanks in advance!!!!! HAPPY HOLIDAYS EVERYONE AT TECHGUYS!!!:)

H all,

I have a HP Pavilion G-series with Windows 7 Home-Premium.

Currently during the week extreme slowness with opening/closing programs and with browser and programs 'not responding'.

Plus the last few days I have been getting a blue screen then this message after windows has recovered and restarted. "Windows has recovered from an unexpected shut down'. Blue screen OS version 6.1.7601.2.1.0.768.3".

I have noticed that Norton has been giving the message that it is trying to be attacked by a trojen virus. This occurs ever so ofen daily.

Any help would be greatly appreciated.

Regards, dano

My kids used my computer for a few weeks and when I got back to using it there were problems. I used Microsoft Security Essentials and Malware Bytes for full scans and found a number of objects which were deleted or quarantined. I am still having residual issues, though the scans come up clean. Slow downs, sudden jerikness in the screen, freezing up. I cannot put my finger on exactly everything wrong, but it is not acting at all like it used to. Thank you.

Current sysinfo..........

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7 CPU 870 @ 2.93GHz, Intel64 Family 6 Model 30 Stepping 5
Processor Count: 8
RAM: 8183 Mb
Graphics Card: ATI Radeon HD 5700 Series, 1024 Mb
Hard Drives: C: Total - 934310 MB, Free - 764074 MB; D: Total - 117232 MB, Free - 86166 MB; L: Total - 304573 MB, Free - 290898 MB;
Motherboard: Gateway, FX6840
Antivirus: Microsoft Security Essentials, Updated and Enabled

# AdwCleaner v4.105 - Report created 16/12/2014 at 08:54:09
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Home Basic Service Pack 1 (64 bits)
# Username : RAJKUMAR - RAJ
# Running from : C:\Users\RAJKUMAR\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : f7dc94c1
[#] Service Deleted : NethxxpService
[#] Service Deleted : servervo
[#] Service Deleted : ServiceUpdater
[#] Service Deleted : Update HulaToo
Service Deleted : c2cautoupdatesvc
Service Deleted : c2cpnrsvc
[#] Service Deleted : Update PortalMore
[#] Service Deleted : Util PortalMore
Service Deleted : {31a2f244-4a67-4367-b593-df9513aea360}w64
Service Deleted : {3f538614-b636-4023-9ec2-564ada4b07b3}w64
Service Deleted : {42489cbb-2902-475b-96ba-2ac9e47fc378}w64
[#] Service Deleted : {59981518-8b2b-431e-90db-17dacc8cfa86}Gt
Service Deleted : {59981518-8b2b-431e-90db-17dacc8cfa86}Gw64
Service Deleted : {59981518-8b2b-431e-90db-17dacc8cfa86}w64
Service Deleted : {6a184198-5e72-4903-80bb-e80e3a740585}w64
Service Deleted : {c0a0d23a-662e-4f8c-9e81-e5f906e062fe}w64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\apn
[#] Folder Deleted : C:\ProgramData\BitGuard
Folder Deleted : C:\ProgramData\FreshApp installer
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\SkypEmoticons
Folder Deleted : C:\ProgramData\Smooth Browsing
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\systemk
Folder Deleted : C:\ProgramData\WindowsProtectManger
Folder Deleted : C:\ProgramData\ZombieNews
Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\BrooWseu2savee
Folder Deleted : C:\ProgramData\DIscounntExtensi
Folder Deleted : C:\ProgramData\MinimUmmPrrice
Folder Deleted : C:\ProgramData\RandomPrice
Folder Deleted : C:\ProgramData\YouutUbeeADBLocke
Folder Deleted : C:\ProgramData\279e3e75764f0dcb
Folder Deleted : C:\ProgramData\2854787888016461259
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files (x86)\AmiExt
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\BearShare Applications
Folder Deleted : C:\Program Files (x86)\BrowseToSave
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\GoPhoto.it V9.0
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\HulaToo
Folder Deleted : C:\Program Files (x86)\ParetoLogic
Folder Deleted : C:\Program Files (x86)\PennyBee
Folder Deleted : C:\Program Files (x86)\Plus-HD-4.9
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\SkypEmoticons
Folder Deleted : C:\Program Files (x86)\ss supporter
Folder Deleted : C:\Program Files (x86)\wse_astromenda
Folder Deleted : C:\Program Files (x86)\LuckyTab
Folder Deleted : C:\Program Files (x86)\PortalMore
Folder Deleted : C:\Program Files (x86)\BuyNsave
Folder Deleted : C:\Program Files (x86)\Vidplaya
Folder Deleted : C:\Program Files (x86)\DIscounntExtensi
Folder Deleted : C:\Program Files (x86)\RandomPrice
Folder Deleted : C:\Program Files (x86)\YouutUbeeADBLocke
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\iLivid
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\Mobogenie
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\torch
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\ZombieNews
[!] Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\buenosearch
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\CrashRpt
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\MaxiGet Download Manager
Folder Deleted : C:\Users\RAJKUMAR\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\RAJKUMAR\AppData\LocalLow\Plus-HD-4.9
Folder Deleted : C:\Users\RAJKUMAR\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\GroovorioUpdater
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\PennyBee
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Systweak
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\wse_astromenda
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\{73843edf-1075-4a55-947c-e13e0dc9349e}
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\sitefinder@sitefinder.com
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\sonnypenn@aol.com
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\iiy.iyi@gtp-auia.edu
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\mrv@fovtY0AX.edu
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\pljd@aioe-.edu
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\Q@6NB5cemvS.com
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\uaia3o@yeaioy-.com
Folder Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \Extensions\zeir-ea@eiooudnpo-.net
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
Folder Deleted : C:\Users\RAJKUMAR\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\drivers\{31a2f244-4a67-4367-b593-df9513aea360}w64.sys
File Deleted : C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}w64.sys
File Deleted : C:\Windows\System32\drivers\{42489cbb-2902-475b-96ba-2ac9e47fc378}w64.sys
File Deleted : C:\Windows\System32\drivers\{59981518-8b2b-431e-90db-17dacc8cfa86}Gt.sys
File Deleted : C:\Windows\System32\drivers\{59981518-8b2b-431e-90db-17dacc8cfa86}Gw64.sys
File Deleted : C:\Windows\System32\drivers\{59981518-8b2b-431e-90db-17dacc8cfa86}w64.sys
File Deleted : C:\Windows\System32\drivers\{6a184198-5e72-4903-80bb-e80e3a740585}w64.sys
File Deleted : C:\Windows\System32\drivers\{c0a0d23a-662e-4f8c-9e81-e5f906e062fe}w64.sys
File Deleted : C:\Users\RAJKUMAR\daemonprocess.txt
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Components\AskSearch.js
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \invalidprefs.js
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \searchplugins\ask-search.xml
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \searchplugins\astromenda.xml
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \searchplugins\buenosearch.xml
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \searchplugins\default-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \searchplugins\dsrlte.xml
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \searchplugins\Groovorio.xml
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \searchplugins\WebSearch.xml
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\kuh94hza.default \user.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
File Deleted : C:\Users\RAJKUMAR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage
File Deleted : C:\Users\RAJKUMAR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage-journal
File Deleted : C:\Users\RAJKUMAR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\RAJKUMAR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.wajam.com_0.localstorage
File Deleted : C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.wajam.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : Groovorio Updater
Task Deleted : LaunchSignup
Task Deleted : Plus-HD-4.9-chromeinstaller
Task Deleted : Plus-HD-4.9-codedownloader
Task Deleted : Plus-HD-4.9-enabler
Task Deleted : Plus-HD-4.9-firefoxinstaller
Task Deleted : Plus-HD-4.9-updater
Task Deleted : PriceMeterUpdater
Task Deleted : WSE_Astromenda
Task Deleted : PennyBee
Task Deleted : LuckyTab
Task Deleted : 2e0224de-5a87-4027-be6a-6711b16ce283-1
Task Deleted : 2e0224de-5a87-4027-be6a-6711b16ce283-11
Task Deleted : 2e0224de-5a87-4027-be6a-6711b16ce283-2
Task Deleted : 2e0224de-5a87-4027-be6a-6711b16ce283-4
Task Deleted : 2e0224de-5a87-4027-be6a-6711b16ce283-5
Task Deleted : 2e0224de-5a87-4027-be6a-6711b16ce283-6
Task Deleted : 2e0224de-5a87-4027-be6a-6711b16ce283-7
Task Deleted : 51fd1b0d-fc66-43bd-b4ce-ddb5f6cd02d0-1
Task Deleted : 51fd1b0d-fc66-43bd-b4ce-ddb5f6cd02d0-11
Task Deleted : 51fd1b0d-fc66-43bd-b4ce-ddb5f6cd02d0-2
Task Deleted : 51fd1b0d-fc66-43bd-b4ce-ddb5f6cd02d0-4
Task Deleted : 51fd1b0d-fc66-43bd-b4ce-ddb5f6cd02d0-5
Task Deleted : 51fd1b0d-fc66-43bd-b4ce-ddb5f6cd02d0-6
Task Deleted : 51fd1b0d-fc66-43bd-b4ce-ddb5f6cd02d0-7
Task Deleted : GS_Booster-S-1448266893

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\RAJKUMAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\RAJKUMAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\RAJKUMAR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@flashenhancer.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Safer-surf]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService s
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKLM\SOFTWARE\Classes\BuyNsave.BuyNsave
Key Deleted : HKLM\SOFTWARE\Classes\BuyNsave.BuyNsave.9
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update PortalMore
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util PortalMore
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{f7dc94c1}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0034068.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0034068.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0034068.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0034068.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045918.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045918.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045918.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045918.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{36effa0c-dbf3-4b17-8ed7-7b52fb7a1e2b}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3fa2b77a-d4af-4501-9a63-a0c533eb4cf1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322402268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592218}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522132290}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{b4fdb093-34f6-4a49-8133-61b3072261ac}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355405568}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455595518}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366406668}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596618}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344404468}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444594418}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544134490}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{d0609631-6d6c-4b4f-bd22-2cf74dc40526}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3fa2b77a-d4af-4501-9a63-a0c533eb4cf1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b4fdb093-34f6-4a49-8133-61b3072261ac}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b4fdb093-34f6-4a49-8133-61b3072261ac}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B084C86-9657-42F9-A5E5-AC8DD832CDE9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{36effa0c-dbf3-4b17-8ed7-7b52fb7a1e2b}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b4fdb093-34f6-4a49-8133-61b3072261ac}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{36effa0c-dbf3-4b17-8ed7-7b52fb7a1e2b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3fa2b77a-d4af-4501-9a63-a0c533eb4cf1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{36effa0c-dbf3-4b17-8ed7-7b52fb7a1e2b}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3fa2b77a-d4af-4501-9a63-a0c533eb4cf1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322402268}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592218}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522132290}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355405568}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455595518}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366406668}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596618}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3fa2b77a-d4af-4501-9a63-a0c533eb4cf1}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7BAE9B99-52A9-4C84-86DF-783ED5DE5CB4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{e9ed7727-704d-4feb-a0bf-f8b45597bb49}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Conduit_Search_Protect
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\MyBestOffersToday
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\PriceMeterLiveUpdate
Key Deleted : HKCU\Software\PriceMeterUpdater
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\SearchProtectInt2
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\WSE_Astromenda
Key Deleted : HKCU\Software\MaxiGet
Key Deleted : HKCU\Software\PortalMore
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\HulaToo
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\PortalMore
Key Deleted : HKCU\Software\AppDataLow\Software\AmiExt
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\Plus-HD-4.9
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\PortalMore
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\AmiExt
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\EZ Software Updater
Key Deleted : HKLM\SOFTWARE\Flash-Enhancer
Key Deleted : HKLM\SOFTWARE\FlvPlayer
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\Lightspark Team
Key Deleted : HKLM\SOFTWARE\MyBestOffersToday
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\PerformerSoft
Key Deleted : HKLM\SOFTWARE\Plus-HD-4.9
Key Deleted : HKLM\SOFTWARE\PriceMeterLiveUpdate
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsProtectManger
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Wpm
Key Deleted : HKLM\SOFTWARE\GS_Booster
Key Deleted : HKLM\SOFTWARE\LuckyTab
Key Deleted : HKLM\SOFTWARE\MaxiGet
Key Deleted : HKLM\SOFTWARE\PortalMore
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Flash-Enhancer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZombieNews
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SSSUPP~1\ASSIST~2.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PriceMeterLiveUpdate.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\default-search.net
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\trovi.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.default-search.net
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.trovi.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM4MTIyODExMywidXVpZCI6NTI2MzcyODgxNjMxNzE0LCJzZXFfaWQiOj YsInNzYiI6MTM2NDUzNzkxOH0=");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.FF19Solved", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.FirstTime", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.FirstTimeFF3", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.PG_ENABLE", "dHJ1ZQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.PG_ENABLE.enc", "dHJ1ZQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.PriceSparrowUuid.enc", "Q0NGOUE4OUMtQTFCMy00ODA0LUI1OUYtOTBCRkUzNUM5OERB");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.UserID", "UN23357508801139971");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.addressBarTakeOverEnabledInHidden", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.autoDisableScopes", -1);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.cb_experience_000.enc", "Nw==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.cb_firstuse0100.enc", "MQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.cb_user_id_000.enc", "Q0IxNjY1MjE5ODgzMjhfMTM2NDYwNzQwODI2OF9GaXJlZm94");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.cbfirsttime.enc", "RnJpIE1hciAyOSAyMDEzIDE4OjM2OjQ4IEdNVC0wNzAwIChQYWNpZmljIERheWxpZ2h0IFRpbW Up");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.defaultSearch", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.embeddedsData", "[{\"appId\":\"130064539389933152\",\"apiPermissions\":{\"crossDomainAjax\":t rue,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":t rue,\"insta[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.enableFix404ByUser", "FALSE");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.enableSearchFromAddressBar", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.firstTimeDialogOpened", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.fixPageNotFoundError", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.fixPageNotFoundErrorByUser", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.fixPageNotFoundErrorInHidden", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.fixUrls", true);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.hxxp___toolbar_utorrent_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsc2F2ZXJlc2l6ZWRzaXplPTAsdGl0bGViYXI9MCxjbG9zZW9uZXh0ZXJuYW xjbGljaz0xLHNhdmVsb2NhdGlvbj0wLG9wZW5wb3NpdGlvbj1vZmZ[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.installDate", "28/3/2013 23:17:52");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.installType", "xpe");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.installUsage", "2013-03-28T20:47:37.1666983+03:00");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.installUsageEarly", "2013-03-28T20:47:34.5144943+03:00");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.installerVersion", "1.3.6.5");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.isCheckedStartAsHidden", true);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.isFirstTimeToolbarLoading", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.lastVersion", "10.15.0.562");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_appStateReportTime.enc", "MTM4MTIyODExNjgwOA==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_appState_CouponBuddy.enc", "b24=");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_appState_PriceGong.enc", "b24=");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5IiwidXJsIjoiaHR0cDovL3d3dy5zb2NpYWxncm 93dGh0ZWNobm9sb2dpZXMuY29tL2NvdXBvbmJ1ZGR5X3YwMDMvaW5kZXgucGhwP2N0aWQ9RUJUT 09MQkFS[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_calledSetupService.enc", "MQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlU3BhcnJvdyIsImNyaXRlcmlhcyI6W3siY3 JpdGVyaWFJZCI6IjU2MGY2ZDMzLTZiY2YtNGNmMS1iODk5LTVmMjkzMzdiMjdiNiIsImRvbWFpb nM[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_currentVersion.enc", "MS4xMC40LjA=");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_eventsCache.enc", "eyJkNzE0YTZlYS00NWY1LTQ2MjctYWU0ZC00MTJlYzI5MTM1YjEiOnsidG9waWMiOiJzZW5kVX NhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pc XVlS[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_first_time.enc", "MQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_gadgetOpen.enc", "d2VsY29tZQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_lastLoginTime.enc", "MTM4MTIyODExNzI3NQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZX REZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3Z WIg[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_mamEnabled.enc", "ZmFsc2U=");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMT IwXzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5Q29kZSI6IklOIiwiaXNXZWxjb21lRXhw[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMT c5XzAiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_settings1.5.0.3.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMT c5XzIiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_userId.enc", "N2ZjNGEzODEtYmI3OC00MWViLWE0ODItMzMwNzM5YmVmZDc3");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_user_approval_interacted.enc", "MQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_welcomeDialogMode.enc", "MQ==");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.migrateAppsAndComponents", true);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"ra\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fportal.bea mtele.com%2F%23\",\"EB_MAIN_FRAME_TITLE\":\"WELCOME%20TO%20BEAM%20FIBER\",\ "EB_T[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.openThankYouPage", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.openUninstallPage", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.price-gong.isManagedApp", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.revertSettingsEnabled", "FALSE");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.search.searchAppId", "130064539389933152");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.search.searchCount", "2");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.searchInNewTabEnabledByUser", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.searchInNewTabEnabledInHidden", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3289075\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeDownloadUrl ", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv6.OurToolbar.com//xpi\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeToolbarName ", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v6\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_appTrackingFirstTime_lastUpdate" , "1381330330192");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_appsMetadata_lastUpdate", "1381330317933");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_clientErrorLog_lastUpdate", "1364575449122");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_gottenAppsContextMenu_lastUpdate ", "1381330344988");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_installUsage_ToolbarInstallEarly _lastUpdate", "1364537897764");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_installUsage_ToolbarInstall_last Update", "1364537900895");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_location_lastUpdate", "1381330330191");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_login_10.14.370.24_lastUpdate", "1364575440408");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_login_10.15.0.562_lastUpdate", "1381330309342");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_otherAppsContextMenu_lastUpdate" , "1381330345025");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_searchAPI_lastUpdate", "1381330324385");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_serviceMap_lastUpdate", "1381330314448");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_toolbarContextMenu_lastUpdate", "1381330335954");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_toolbarSettings_lastUpdate", "1381330335887");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_translation_lastUpdate", "1381330323823");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.settingsINI", true);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.shouldFirstTimeDialog", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.showToolbarPermission", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.smartbar.CTID", "CT3289075");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.smartbar.Uninstall", "0");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.smartbar.toolbarName", "uTorrentControl_v6 ");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.startPage", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.toolbarBornServerTime", "28-3-2013");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.toolbarCurrentServerTime", "18-4-2013");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.toolbarDisabled", "true");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.toolbarLoginClientTime", "Thu Mar 28 2013 23:18:21 GMT-0700 (Pacific Daylight Time)");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075.url_history0001.enc", "aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL3Bob3RvLnBocD9mYmlkPTM4NjY1MTE3ODA4MDIyOS ZzZXQ9by4xNTM2MTkzMzEzODAzOTkmdHlwZT0xJnRoZWF0ZXIjOjo6Y2xpY2toYW5kbGVyOjo6M TM2NjI5[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("CT3289075_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1388773213774,\"isWithState\":\"\",\"timeFromStart\":0,\ "timeFromPrev\":0}]");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.check", false);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.allsearches.info/?pid=1387&r=2014/10/12&hid=13593517456017940010&lg=EN&cc=IN&unqvl=64&l=1&q=");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Groovorio");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://groovorio.com/?f=1&a=grv_tuto7_14_31&cd=2XzuyEtN2Y1L1QzutDtDtByEtC0D0B0CtBzzyCtCyD0CyCyDt N0D0Tzu0StCtDyBzztN1L2XzutAtFyCtFtCtDtFtCtN1L1Czu1N1C2X1V2Z2Y2Z1F[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.C5FnzzCqj.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumoro[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.MIQnRhojKt1.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumo[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.PCAqNHGFkMRCmFLV.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be0 44786bd1d3ddcom34068.34068.internaldb.Resources_meta.value", "%7B%22zoom.js%22%3A%7B%22id%22%3A820971%2C%22ver%22%3A39%2C%22s[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be0 44786bd1d3ddcom34068.34068.internaldb.monetization_plugin_bundledUrls.value ", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.a3c8f3083413b4aa6ad29fb93d8982e80gmailcom63167.63167. internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22d eal[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec98624 5fac2592d0dfcom51390.51390.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.c[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec98624 5fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledUrls.value ", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2 fbce5de8e9a4com45918.45918.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.c[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2 fbce5de8e9a4com45918.45918.internaldb.monetization_plugin_bundledUrls.value ", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.adeacruzemilianooutlookcom61870.61870.internaldb.mone tization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealp ly_p%22%3A%7B%[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.ae4aa8e99717643d99f3f3c3302d236b6gmailcom61794.61794. internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22d eal[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.asonnypennaolcom62180.62180.internaldb.__ICM_LITE__bl acklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%2 2%2C%22anthropologie.com%22[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.asonnypennaolcom62180.62180.internaldb.__ICM_LITE__fi fty_test_rules.value", "%7B%22BR%22%3A%7B%22ALL%22%3A%5B%22tam.com.br%22%2C%22gol.com.br%22%2C%22w almart.com.br%22%2C%22ricar[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.asonnypennaolcom62180.62180.internaldb.monetization_p lugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealp ly_p%22%3A%7B%22urls%22%[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.monetizatio n_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealp ly_p%22%3A%7B%22urls%[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.admin", false);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.bbDpng", "23");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.cntry", "IN");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.dfltLng", "en");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.hdrMd5", "7B7034D46568AA3A501FD05C143A983B");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.id", "c0735c6500000000000000241dbc2861");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.instlDay", "16161");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.lastB", "hxxp://www.default-search.net?sid=476&aid=128&itype=n&ver=11471&tm=304&src=hmp");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.lastVrsnTs", "1.8.28.721:25:56");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.newTab", false);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.sg", "tzb");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.smplGrp", "tzb");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=C07300241DBC2861&affID=128492&tt=30031 4_16&tsp=5204");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=C07300241DBC2861&affID=128492&tt=30031 4_16&tsp=5204");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.721:25:56");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "146c51d0a45687ef63676fdee20915de");
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.ffxtlbr@buenosearch.com.install-event-fired", true);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.sPE5PO0LBwVQiAQZ.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar_ORJ-V7C@apn.ask.com.install-event-fired", true);
[kuh94hza.default\prefs.js] - Line Deleted : user_pref("extensions.veqiLEh7N.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"su[...]

-\\ Google Chrome v39.0.2171.71


-\\ Comodo Dragon v


-\\ Opera v25.0.1614.68

[C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : aaipilfmheplbcghignccoiiebekkdhe
[C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
[C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ffhfoagmjcnkolneahbpagjcjjaeofbg
[C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : hjghiofiijcepdnocbgefbdlbckjfheg
[C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : iklgpchfbohgmghgfagediakopecfmbm
[C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : kfgaibfbmkjgmimhbbaikfnpkkjkpoan
[C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
[C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : hoidflomjnnnbiemmkjdjkkialmhbago
[C:\Users\RAJKUMAR\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ekpibplnnkfdcafdpoekhoffegcajene

*************************

AdwCleaner[R0].txt - [63123 octets] - [16/12/2014 08:46:34]
AdwCleaner[S0].txt - [58777 octets] - [16/12/2014 08:54:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [58838 octets] ##########

ADWCleaner Log

# AdwCleaner v4.105 - Report created 15/12/2014 at 23:46:56
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner (2).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [1140 octets] - [08/05/2014 00:47:48]
AdwCleaner[R10].txt - [697 octets] - [15/12/2014 23:46:56]
AdwCleaner[R1].txt - [1012 octets] - [22/05/2014 23:47:41]
AdwCleaner[R2].txt - [2631 octets] - [01/06/2014 22:02:54]
AdwCleaner[R3].txt - [1858 octets] - [20/09/2014 00:08:22]
AdwCleaner[R4].txt - [1804 octets] - [23/09/2014 21:44:10]
AdwCleaner[R5].txt - [1874 octets] - [08/11/2014 14:51:58]
AdwCleaner[R6].txt - [2784 octets] - [14/12/2014 17:29:57]
AdwCleaner[R7].txt - [3968 octets] - [15/12/2014 22:46:40]
AdwCleaner[R8].txt - [1737 octets] - [15/12/2014 23:17:46]
AdwCleaner[R9].txt - [1857 octets] - [15/12/2014 23:43:03]
AdwCleaner[S0].txt - [1170 octets] - [08/05/2014 00:48:32]
AdwCleaner[S1].txt - [1073 octets] - [22/05/2014 23:49:30]
AdwCleaner[S2].txt - [2609 octets] - [01/06/2014 22:03:50]
AdwCleaner[S3].txt - [1931 octets] - [20/09/2014 00:09:24]
AdwCleaner[S4].txt - [1873 octets] - [23/09/2014 21:45:35]
AdwCleaner[S5].txt - [1823 octets] - [08/11/2014 14:53:53]
AdwCleaner[S6].txt - [2833 octets] - [14/12/2014 17:31:41]
AdwCleaner[S7].txt - [3625 octets] - [15/12/2014 22:49:11]
AdwCleaner[S8].txt - [1798 octets] - [15/12/2014 23:20:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R10].txt - [1837 octets] ##########

closing duplicate, you are getting assistance at http://forums.techguy.org/windows-7/...says-your.html

thanks,

v

Extras.TXT


OTL Extras logfile created on: 12/16/2014 6:35:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mine-K\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 58.09% Memory free
5.86 Gb Paging File | 3.27 Gb Available in Paging File | 55.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.49 Gb Total Space | 124.21 Gb Free Space | 43.82% Space Free | Partition Type: NTFS
Drive D: | 14.31 Gb Total Space | 2.35 Gb Free Space | 16.44% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 95.40 Mb Free Space | 96.04% Space Free | Partition Type: FAT32
Drive F: | 223.21 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: MINE-K-PC | User Name: Mine-K | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules]
"{01D9553E-ED99-4FA6-A603-1967AF73A001}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{02B58D78-E79D-4533-819C-3961D5CB3E7A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0E92D0F0-222A-4CB6-9B33-42AE951FAFBE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1CDF49DC-711A-457B-B1AB-27D399C31765}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27EB9CEC-1EFB-4BC6-A898-E8FC3F28CD61}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3330BB13-71FE-48C2-95C2-FCAD310A4B02}" = rport=138 | protocol=17 | dir=out | app=system |
"{5704466D-BA16-4003-A807-0E796317EE77}" = lport=445 | protocol=6 | dir=in | app=system |
"{5DFB0BFB-7DF5-4309-9D0D-7FB3917C751F}" = lport=139 | protocol=6 | dir=in | app=system |
"{6E34B9A7-CE37-47A9-8664-510D65218916}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{7DE7AE7A-C21B-4CAA-9DA5-CB596291C56A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7E2D5709-76D1-46BD-8371-7899F6D62378}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8AEB442D-4107-49B9-8E16-E6512C6BE0AE}" = rport=139 | protocol=6 | dir=out | app=system |
"{9863690A-6930-4B72-97C3-F197F06C3C5F}" = lport=137 | protocol=17 | dir=in | app=system |
"{9B232CC6-986E-4B2B-BBB7-D7AA909E055D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD834D6A-A080-4B9C-BB9F-005DC1154E3E}" = lport=138 | protocol=17 | dir=in | app=system |
"{AEE222D1-5287-48D2-BF5B-C03ECCE1492C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B2F278E0-F9F1-48B6-9367-0DE036EE924A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C03BB2EA-2E95-49F0-9FF1-A6FE5669B99A}" = rport=445 | protocol=6 | dir=out | app=system |
"{C07201D8-1B88-433C-BA39-0757B0B7054E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C17297E3-854D-4BDC-8FCF-C3A09890ABC3}" = rport=137 | protocol=17 | dir=out | app=system |
"{C20CD11F-ADD7-4732-B3A0-0E5A5586F516}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C7B3AB01-66F2-4F6C-9288-583467188E74}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D378C1DB-B67A-4782-9466-A0FF927591E4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EA3CF5CB-B5C0-46F3-9631-6CEBAB23A227}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EDB21352-FFFF-4F78-AEDF-858258AC4FAB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F5A97731-E61C-43FD-B731-FCF893FDAAB4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules]
"{09DB8371-70CE-45C5-84F8-CC0CC0324C12}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{0EBC28A6-D32F-460E-8178-51E0D70B52FE}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{0F41119F-F6BD-465A-B7EE-29FB4A75D92A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{1524D928-CFEE-4129-BC2A-5777396C5BD8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1DAA015D-10B4-489E-94C0-E92D7557390C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20B09328-3297-4959-97B2-9B8592D4D772}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2133B1AA-EE19-4EC0-9366-B3E2DAD8F1A1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{255255E3-3938-4122-8AFE-E1C7226E4754}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{273EE1CD-7D91-49A6-86ED-E0200A6A3302}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{283FC7B5-8E4F-4AD5-8B91-16E75DB72EDF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{28B112DA-FC00-490A-AC0D-3E7A270288A3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{2D3AFAEC-803A-4EF8-8C88-A62FA23DEC71}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{2EFDE348-DAB1-4C3F-A647-310815E58D0F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{391CACD6-D3A1-44D2-A54D-065806ADD2B1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{39A5522A-1C20-49B3-A335-1A7512DF5E71}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3CF57059-A126-45DF-AFF1-6749536CFCE0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{3D6A2AB2-A075-4460-AC18-56F04FFB0149}" = protocol=6 | dir=out | app=system |
"{3FE3DF28-9B84-4DAD-B671-18C25E05553C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{4741533D-0C8B-4DE2-A773-F8CEE65F94B1}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{47F422D4-8271-4BC9-9DAF-FAAAB6346FFD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{49EB7BFF-1C92-4EBC-83F7-06F944213529}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{4D931045-B35E-4A9A-B88A-0201B9D52B6D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{51C435D0-0486-4B24-B61A-A48A4BE88C19}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{54561EF8-7F60-447F-B3A8-63D0BD03E663}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{55E34D90-79C5-4336-8CE9-E5EEB72F1FA4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{59F8A14B-F232-4600-BE1E-AA9EBE24A3E1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5BDCBEA4-B2ED-4046-9CAD-007A2D8CBC6F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{5C77B992-1674-426E-969F-8B2947A34F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{6737275D-C8B7-4952-B0CB-9094CAEFC0F0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{688D7A0E-47C9-4631-80A6-AEBD85222213}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{6AB992D5-622C-44DF-8B94-E078FAEA7FE5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{7EEEBFFA-0962-4354-BC4A-294119FBA00C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7FA267AF-E454-4D6F-9F17-8E82627EEEAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{802F47B3-1BE0-457E-A04B-903287EBFDAE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{82F9679A-EF3F-4717-8EB7-5CB966094C10}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{834320E6-162B-4A08-ACDB-7302C6B1B7BD}" = protocol=17 | dir=in | app=c:\users\mine-k\appdata\roaming\utorrent\utorrent.exe |
"{83FE4F7A-7AC2-4625-B47D-F1198E622C73}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{8432CE4D-26B9-4E32-86FD-CC923AC750D4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8538977D-BDB7-4B86-8E02-4D5551772035}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{85EFCA76-C5EF-4AF7-8C13-8445ECFE6009}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{87A624A3-55B8-42FC-8B91-FB34ECF0E734}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{8A417899-C0F5-45ED-AAB4-1372E0217032}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{8ACE0951-F158-4722-9FDF-CD9109F11A94}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{962C6B19-1642-4E8E-936F-1F392A04A699}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9E3FA489-6CFA-4565-A5A4-211031459725}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{A01032B9-FC80-4C06-8FF1-4061FC5BD01E}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{A08754E5-6087-4BB7-8B5C-58EBBEDCC52A}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{A19AEEF7-7FB6-4298-B399-DE7E61B7668E}" = protocol=6 | dir=in | app=c:\users\mine-k\appdata\roaming\utorrent\utorrent.exe |
"{A3F6369C-7973-42EB-990B-C0C571FB952E}" = protocol=17 | dir=in | app=c:\program files (x86)\ipcamsetup\ipcamera.exe |
"{A7374C2D-61AA-42C3-83BD-215B5283509D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AAA0C03C-6216-495C-889A-BD200CAE1923}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{AE982B54-4E88-402D-9B79-CFD0C9EA3EF3}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{B0391C39-5CE2-4D2F-AF3F-D5ACB5D504A5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{B88421ED-7671-4B0A-B9CC-C1CFAA39D1C6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{B93A045B-9455-4B65-8B48-048E34BEEB6C}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{BDCC35B7-9A46-48CF-AD96-DEC14F643BEA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{C0F7CB15-6ABF-422D-A5BF-2036DD36EC06}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{C11D89A8-5B1F-4C46-90EB-0F98E1A4CCC1}" = protocol=6 | dir=in | app=c:\program files (x86)\ipcamsetup\ipcamera.exe |
"{C1C66A5D-88E4-4784-8951-1335AD2AFC80}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D2AE7019-B57B-4228-8D53-EB497B81AA85}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{D467979E-554F-474A-89DA-898DEF6E5648}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4E32AAB-6D25-48D9-9DCD-59FE1E36B47E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{DA72E4DA-5253-42DE-B047-2AC5B2533C89}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DDE6B241-2B0B-4506-A872-C5A88D7E4B3D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{E246E368-5AF1-4FD1-930F-756AF05A5178}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{E5C1B5CF-885B-41D4-8964-2AEA7FF7B33E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F0103C98-6161-4391-B627-50458CE8D1BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FBA59004-46BE-47FC-BDC4-72263F2AAFA7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"TCP Query User{28ACE572-A8A6-4256-A86A-770AE79066CD}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{D6158F35-FBC6-4195-97C9-7EFA54F0563A}C:\program files (x86)\ipcamsetup\ipcamera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ipcamsetup\ipcamera.exe |
"TCP Query User{E49FD98B-94FA-4AC5-AD96-D00E0734A7C1}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{F87BC737-59F9-4E6B-855F-B027971CBF04}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{2E6F5712-11BB-4515-ADEE-1075956D83C2}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{AB18037D-9FD3-4D77-BEEB-7BD917E65AB8}C:\program files (x86)\ipcamsetup\ipcamera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ipcamsetup\ipcamera.exe |
"UDP Query User{B239A47A-1097-4A11-A34A-7971AEF5E575}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{D5934313-4429-41EA-8E02-413D2C8BE984}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.2 (r693)
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{4071D9CC-F259-4243-85CD-60DEE1D1260C}" = AVG 2015
"{41357956-5B67-489C-9F7D-FABACC2CD3CB}" = AVG 2015
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{DC7333D1-596A-404D-876D-446E6D27BA20}" = AVG 2011
"{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}" = RtVOsd
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"AVG" = AVG 2015
"GIMP-2_is1" = GIMP 2.8.10
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47D7C9B8-BD44-4D2E-9040-E946477B2F9A}" = Microsoft Live Search Toolbar
"{49A143E9-4A6A-43E7-86B1-388194C79248}" = HP Smart Web Printing
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{653A0F15-C146-46E8-8309-92A97ACEBEF6}" = NWZ-E360 WALKMAN Guide
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}" = Rosetta Stone Version 3
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8A0C34E5-01A6-476B-87F3-321ABAA3948D}" = LeapFrog Connect
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901F0D4C-009D-1112-8DE4-03599E7B0C5C}" = REALTEK Wireless LAN Software
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97174E88-52F9-445A-A28E-704A45332D19}" = HP Software Framework
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BC146E5F-A2B0-40DB-90E7-2833807E98DF}" = HP User Guides 0183
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C2CE3FDB-F51D-427D-AC35-C6E6A8BC7410}" = LeapFrog Tag Plugin
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1" = VSO ConvertXToDVD
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D43E122B-C053-4545-999A-2219BF8F6422}" = Avery Wizard 5.0
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.2.336
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DE626616-D7C4-4F00-7E0B-EAF26FA65749}" = muvee Reveal
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E15BC10F-04AA-0AFD-A6C9-476730195F8B}" = Adobe Download Assistant
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVDFab 8 Qt_is1" = DVDFab 8.2.2.6 (25/12/2012) Qt
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.8
"Mozilla Firefox 34.0.5 (x86 en-US)" = Mozilla Firefox 34.0.5 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"My HP Game Console" = HP Game Console
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"UPCShell" = LeapFrog Connect
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WT082122" = Blackhawk Striker 2
"WT082124" = Blasterball 3
"WT082133" = Dora's Carnival Adventure
"WT082141" = FATE
"WT082168" = Penguins!
"WT082170" = Plants vs. Zombies
"WT082171" = Poker Superstars III
"WT082172" = Polar Bowler
"WT082173" = Polar Golfer
"WT082188" = Virtual Families
"WT082189" = Wheel of Fortune 2
"WT082192" = Bejeweled 2 Deluxe
"WT082200" = Chuzzle Deluxe
"WT082241" = Virtual Villagers - The Secret City
"WT082396" = Diner Dash 2 Restaurant Rescue
"WT082438" = Build-a-lot 2
"WT082442" = Faerie Solitaire
"WT082443" = Jewel Quest 3
"WT082456" = Mystery P.I. - The New York Fortune
"WT082463" = Zuma's Revenge
"WT082468" = Jewel Quest Solitaire 2
"WT083477" = Cake Mania
"WT083484" = Escape Rosecliff Island
"WT083491" = TextTwist 2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1119873572-3175110681-2248958626-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/11/2014 10:25:10 PM | Computer Name = Mine-K-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 12/12/2014 3:27:36 PM | Computer Name = Mine-K-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 12/12/2014 3:46:53 PM | Computer Name = Mine-K-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 12/14/2014 4:10:47 PM | Computer Name = Mine-K-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 12/14/2014 4:56:12 PM | Computer Name = Mine-K-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 12/14/2014 11:58:07 PM | Computer Name = Mine-K-PC | Source = Application Error | ID = 1000
Description = Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514,
time stamp: 0x4ce7ae7f Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x5315a05a Exception code: 0x0000046b Fault offset: 0x000000000000940d
Faulting
process id: 0x738 Faulting application start time: 0x01d015b4286bc7cc Faulting application
path: C:\Program Files\Windows Media Player\wmpnetwk.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: 936a0a72-840e-11e4-8bdf-60eb695f37b0

Error - 12/15/2014 6:27:51 PM | Computer Name = Mine-K-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 12/15/2014 7:29:07 PM | Computer Name = Mine-K-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 12/15/2014 9:51:59 PM | Computer Name = Mine-K-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 12/16/2014 2:12:16 AM | Computer Name = Mine-K-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

[ Hewlett-Packard Events ]
Error - 11/9/2012 6:08:40 PM | Computer Name = Mine-K-PC | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146232828 at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerComple tedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Message:
An exception occurred during the operation, making the result invalid. Check InnerException
for exception details. StackTrace: at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerComple tedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Source:
System InnerException.Message: Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml'. Name: HPSF.exe Version: 06.00.01.01 Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
3002 Ram Utilization: 40 TargetSite: Void RaiseExceptionIfNecessary()

Error - 11/9/2012 6:08:51 PM | Computer Name = Mine-K-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.InitRegItem()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to initialize registry items StackTrace: at
HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.InitRegItem() at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean
singleScan, Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
HPAsset fails to release. Name: hpsa_service.exe Version: 06.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe Format: en-US RAM:
3002 Ram Utilization: 40 TargetSite: Void InitRegItem()

Error - 11/16/2012 6:18:23 PM | Computer Name = Mine-K-PC | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146232828 at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerComple tedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Message:
An exception occurred during the operation, making the result invalid. Check InnerException
for exception details. StackTrace: at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerComple tedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Source:
System InnerException.Message: Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml'. Name: HPSF.exe Version: 06.00.01.01 Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
3002 Ram Utilization: TargetSite: Void RaiseExceptionIfNecessary()

Error - 11/16/2012 6:18:45 PM | Computer Name = Mine-K-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.InitRegItem()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to initialize registry items StackTrace: at
HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.InitRegItem() at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean
singleScan, Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
HPAsset fails to release. Name: hpsa_service.exe Version: 06.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe Format: en-US RAM:
3002 Ram Utilization: 60 TargetSite: Void InitRegItem()

Error - 11/23/2012 5:49:30 PM | Computer Name = Mine-K-PC | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146232828 at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerComple tedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Message:
An exception occurred during the operation, making the result invalid. Check InnerException
for exception details. StackTrace: at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerComple tedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Source:
System InnerException.Message: Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml'. Name: HPSF.exe Version: 06.00.01.01 Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
3002 Ram Utilization: 40 TargetSite: Void RaiseExceptionIfNecessary()

Error - 11/23/2012 5:49:47 PM | Computer Name = Mine-K-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.InitRegItem()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to initialize registry items StackTrace: at
HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.InitRegItem() at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean
singleScan, Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
HPAsset fails to release. Name: hpsa_service.exe Version: 06.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe Format: en-US RAM:
3002 Ram Utilization: 40 TargetSite: Void InitRegItem()

Error - 11/30/2012 6:33:56 PM | Computer Name = Mine-K-PC | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146232828 at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerComple tedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Message:
An exception occurred during the operation, making the result invalid. Check InnerException
for exception details. StackTrace: at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerComple tedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Source:
System InnerException.Message: Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml'. Name: HPSF.exe Version: 06.00.01.01 Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
3002 Ram Utilization: 40 TargetSite: Void RaiseExceptionIfNecessary()

Error - 11/30/2012 6:34:08 PM | Computer Name = Mine-K-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.InitRegItem()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to initialize registry items StackTrace: at
HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.InitRegItem() at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean
singleScan, Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
HPAsset fails to release. Name: hpsa_service.exe Version: 06.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe Format: en-US RAM:
3002 Ram Utilization: 40 TargetSite: Void InitRegItem()

Error - 5/2/2014 5:11:22 PM | Computer Name = Mine-K-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(Stri ng
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCo re()
at HP.SupportFramework.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan, Boolean isAsync) Message: Failed to perform update. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(Stri ng
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCo re()
at HP.SupportFramework.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan, Boolean isAsync) Source: HP.ActiveCheckLocalMode.SessionManager
InnerException.Message:
Object '/cd4cd972_26d7_4652_9404_e5884d28de98/3gxcvd_b_4_3epkq2j7pxtgp_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
07.00.00.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3002 Ram Utilization: 50 TargetSite: Void UpdateDetail(System.String)

Error - 9/7/2014 10:33:47 PM | Computer Name = Mine-K-PC | Source = hpsa_service.exe | ID = 2000
Description =

[ System Events ]
Error - 12/6/2014 4:32:48 PM | Computer Name = Mine-K-PC | Source = Service Control Manager | ID = 7000
Description = The SessionLauncher service failed to start due to the following error:
%%2

Error - 12/6/2014 4:33:15 PM | Computer Name = Mine-K-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 12/6/2014 7:13:44 PM | Computer Name = Mine-K-PC | Source = Service Control Manager | ID = 7030
Description = The LeapFrog Connect Device Service service is marked as an interactive
service. However, the system is configured to not allow interactive services.
This service may not function properly.

Error - 12/11/2014 10:16:20 PM | Computer Name = Mine-K-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB3004394).

Error - 12/11/2014 10:32:14 PM | Computer Name = Mine-K-PC | Source = Service Control Manager | ID = 7000
Description = The SessionLauncher service failed to start due to the following error:
%%2

Error - 12/11/2014 10:32:26 PM | Computer Name = Mine-K-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 12/14/2014 11:58:51 PM | Computer Name = Mine-K-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 12/15/2014 9:51:28 AM | Computer Name = Mine-K-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Installer service to connect.

Error - 12/15/2014 9:51:31 AM | Computer Name = Mine-K-PC | Source = Service Control Manager | ID = 7000
Description = The Windows Installer service failed to start due to the following
error: %%1053

Error - 12/15/2014 9:51:35 AM | Computer Name = Mine-K-PC | Source = DCOM | ID = 10005
Description =


< End of report >

Hello guys. I've been experiencing slow performance from my laptop. This is my machines details.
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i3-4100M CPU @ 2.50GHz, Intel64 Family 6 Model 60 Stepping 3
Processor Count: 4
RAM: 4008 Mb
Graphics Card: Intel(R) HD Graphics 4600, 2036 Mb
Hard Drives: C: Total - 912623 MB, Free - 845483 MB; D: Total - 25599 MB, Free - 21747 MB;
Motherboard: LENOVO, INVALID
Antivirus: Kaspersky Anti-Virus, Updated and Enabled

When I am downloading anything it seems to freeze just before the end. Sometimes if I cancel and restart it then completes.
Also it is very slow at opening pages on the internet sometimes not doing so at all.
Usually closing a window and re opening works after a few attempts.
After downloading files to exe it tells me they are not suitable for my machine. Even the syst info file did it.

I have run virus scans and also tried a Hijack this but the system is not allowing the program access to certain areas.
Also when I left click on something it doesn't always respond.
I have run a registry fixing program but had no effect.
I regularly use CCleaner.

Can someone help me to clean my machine?

Thanks,
Spoonthumb

How do you detect a virus from a sophisticated hacker who can breach your firewall even if you have ant-virus protection?

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 6091 Mb
Graphics Card: Radeon (TM) HD 6490M, 1024 Mb
Hard Drives: C: Total - 697930 MB, Free - 595347 MB; D: Total - 17169 MB, Free - 1882 MB;
Motherboard: Hewlett-Packard, 17F9
Antivirus: Microsoft Security Essentials, Updated and Enabled




Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:58:23, on 17/12/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
CHROME: 30.0.1599.14
FIREFOX: 34.0.5 (x86 en-US)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\sue\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [Magic Desktop for HP notification] "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX440"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE /EPT "EPLTarget\P0000000000000001" /M "Epson Stylus SX440"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418829758
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd...pIdfPlugin.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab...l_4.5.15.0.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BT Help Wizard - Alcatel-Lucent - C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: pcCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
O23 - Service: pcCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\pcCMService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 17190 bytes



Can somebody please take look at my hjt log, I'm having serious problems with the blue screen, mainly when I try to open more than 1 page in internet explorer, also does not work in the right place, if a button says click next - then I have to go to the righthand side of the button. Problems don't seem to happen in firefox, and I don't really use chrome or opera.


I have updated and run Anti malware bytes, Super anti spyware and Microsoft security essentials and removed any threats and cookies, but the problem's still there.


Thanks in advance