rday22

DK- First, thanks for your willingness to help. It is sincerely appreciated. Second, I still have the problem. Thanks in advance Ross

I am trying to set up printer sharing on my home network. Well, I get an error when I try to set up the sharing (that is not the problem....for now). One of the solutions is to check the firewall settings. Well, when I try to check my firewall settings I get the following error message: "Due to an unidentified problem, Windows cannot display Windows Firewall settings" I have the dds.txt files posted below. I also have posted my MBAM log as well as the HiJack This! log. Thanks in advance for all you guys do! DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.6001.19272 BrowserJavaVersion: 1.6.0_35 Run by User at 18:27:10 on 2013-01-01 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3838.1883 [GMT -8:00] . SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe C:\Windows\SysWOW64\F5InstallerService.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files (x86)\Pocket Watch, LLC\ActivePrint System\ActivePrintSystem.exe C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe C:\Users\User\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\McAfee Security Scan\2.1.119\SSScheduler.exe C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\system32\RunDll32.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe C:\Program Files (x86)\Nova Development\Print Artist Platinum\ReminderApp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MagicTune Premium\MagicTune.exe C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe C:\Program Files\HP\HP Officejet Pro 8600\bin\HPNetworkCommunicator.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files\PC Optimizer Pro\PCOptimizerPro.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\WerCon.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file> BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [{6CE6B062-EF6C-465c-AF36-96C67DAD3B65}] "C:\Program Files (x86)\Pocket Watch, LLC\ActivePrint System\ActivePrintSystem.exe" uRun: [softAuto.exe] "C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe" uRun: [search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN1B21R23Y05KF:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 uRun: [ALconnect] C:\Users\User\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe mRun: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe" mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [RunTasktray] "C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe" --regkeypath=Software\Hewlett-Packard\HP Easy Printer Care\HPPRun --valuename=InstallTTM mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [KnexStarter] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe mRun: [iXL_MiddleWare] C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini" mRun: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [AgentMonitor] "C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AddressBookReminderApp] C:\Program Files (x86)\Nova Development\Print Artist Platinum\ReminderApp.exe mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\QFSCHD160.EXE" dRunOnce: [RunNarrator] Narrator.exe StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FORGET~1.LNK - C:\PROGRA~2\BRODER~1\AG CreataCard\agremind.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECURI~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.119\SSScheduler.exe uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoDrives = dword:0 uPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\WPLauncher.hta IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll LSP: mswsock.dll Trusted Zone: hp.com Trusted Zone: hp.com DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab DPF: Yahoo! Pool 2 - hxxp://download2.games.yahoo.com/games/clients/y/poti_x.cab DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5certchk.cab DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {16F67783-7E72-4C39-99C4-4780A8335484} - hxxp://www.syncmyride.com/Own/Modules/UpdateCenter/applets/sync.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/cachecleaner.cab DPF: {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} - hxxps://mail.shortlawgroup.com/Remote/BuiltIns/FS/Wssg.Web.FileAccess.RichUpload.cab DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxvpn.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} - hxxp://zone.msn.com/bingame/rtlw/default/ReflexiveWebGameLoader.cab DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5tunsrv.cab DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/InstallerControl.cab DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5InspectionHost.cab DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/msrdp.cab DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/vdeskctrl.cab DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/chnz/default/mjolauncher.cab DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} - hxxp://community.weightwatchers.com/Scripts/ImageUploader6.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} - hxxp://zone.msn.com/bingame/zpagames/zpa_txhe.cab55579.cab DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38459.8818865741 DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxshost.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxhost.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} - hxxps://connections.weightwatchers.com/policy/download_binary.php/win32/f5syschk.cab#Version=6031,2010,1005,1351 DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - hxxp://download.abacast.com/download/files/abasetup162.cab DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{18E96790-F4ED-47FA-9D44-304EBA60CD52} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll Handler: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll Handler: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll Handler: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll Handler: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - C:\Program Files (x86)\Microsoft\SMIME Client (2010)\mimectl.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\System32\wpdshserviceobj.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Windows\Program Files\SUPERAntiSpyware\SASSEH.DLL LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\SysWow64\browseui.dll x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [MagicTuneEngine] C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe x64-Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" x64-Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 x64-mPolicies-Explorer: NoDriveAutoRun = dword:67108863 x64-mPolicies-Explorer: NoDrives = dword:0 x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 x64-mPolicies-System: EnableLUA = dword:0 x64-mPolicies-System: EnableUIADesktopToggle = dword:0 x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - LocalServer32 - <no file> x64-Handler: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - LocalServer32 - <no file> x64-Handler: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - <orphaned> x64-Handler: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - <orphaned> x64-Handler: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e248sa1j.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,205,0_0,StartPage,20121250,16900,0,63,0 FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20121250,6902,0,63,0&p= FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\FFQpBHO3.5.dll FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\FFQpBHO3.6.dll FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\hpWebPrinting35.dll FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\hpWebPrinting36.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-59ef45ad660c45f5\NPRobloxProxy.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\IGN\Download Manager\npfpdlm.dll FF - plugin: C:\Program Files\REAL\RealPlayer\Netscape6\nppl3260.dll FF - plugin: C:\Program Files\REAL\RealPlayer\Netscape6\nprjplug.dll FF - plugin: C:\Program Files\REAL\RealPlayer\Netscape6\nprpjplug.dll FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e248sa1j.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}\plugins\NPuroamHost.dll FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\NPAbacheck.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll FF - plugin: C:\Windows\SysWOW64\npacrx.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\Npindeo.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - plugin: C:\Windows\SysWOW64\npptools.dll FF - plugin: C:\Windows\SysWOW64\npwmsdrm.dll FF - ExtSQL: 2012-12-12 08:39; ConsumerInput@Compete; C:\Program Files (x86)\Consumer Input\Firefox\src FF - ExtSQL: !HIDDEN! 2009-10-23 08:12; {20a82645-c095-46ed-80e3-08825760534b}; c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - ExtSQL: !HIDDEN! 2010-02-08 13:14; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false FF - user.js: yahoo.ytff.general.dontshowhpoffer - true ============= SERVICES / DRIVERS =============== . R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-6-25 203776] R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2011-6-4 296808] R2 F5 Networks Component Installer;F5 Networks Component Installer;C:\Windows\SysWOW64\F5InstallerService.exe [2010-8-19 246400] R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648] R2 Jcpacket;Fldp Packet Driver;C:\Windows\System32\drivers\Jcpacket.sys [2010-11-5 23848] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-1 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-23 682344] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-7-23 24176] R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\System32\drivers\point64k.sys [2009-5-8 33160] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2009-11-6 297496] R3 urvpndrv;F5 Networks VPN Adapter;C:\Windows\System32\drivers\covpnv64.sys [2010-1-25 41232] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2009-10-16 27704] S1 SASDIFSV;SASDIFSV;C:\Windows\Program Files\SUPERAntiSpyware\sasdifsv.sys [2009-1-15 8944] S1 SASKUTIL;SASKUTIL;C:\Windows\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2009-1-15 55024] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560] S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2010-11-18 35840] S3 CTUPnPSv;Creative Centrale Media Server;C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-5-21 64000] S3 f5ipfw;F5 Networks StoneWall Filter;C:\Windows\System32\drivers\urfltv64.sys [2011-9-23 18448] S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-31 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352] S3 Leapfrog-USBLAN;Leapfrog-USBLAN;C:\Windows\System32\drivers\btblan.sys [2010-1-20 40320] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.119\McCHSvc.exe [2010-3-8 227232] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-11-23 31800] S3 SASENUM;SASENUM;C:\Windows\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-1-15 7408] S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712] S3 WiselinkPro;SAMSUNG WiselinkPro Service;C:\Windows\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2009-10-20 4708864] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-10-16 89920] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* ShellExec: EasyShare.exe: Preview="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" ShellExec: FRONTPG.EXE: edit=C:\PROGRA~1\MICROS~1\Office\FRONTPG.EXE ShellExec: LightningViewer.exe: View="c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\LightningNavigator.exe" "-ViewDocument" "%1" ShellExec: QSync.exe: Open="C:\Program Files\Logitech\Video\QSync.exe" . =============== Created Last 30 ================ . . ==================== Find3M ==================== . 2013-01-02 01:50:55 710504 ----a-w- C:\Windows\isRS-000.tmp 2012-12-15 00:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-12 15:12:11 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-12-12 15:12:10 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2010-09-26 17:04:34 94208 ----a-w- C:\Program Files (x86)\Common Files\regdll.dll 2010-09-26 17:04:34 69632 ----a-w- C:\Program Files (x86)\Common Files\ClacAdv.dll 2010-09-26 17:04:34 28672 ----a-w- C:\Program Files (x86)\Common Files\MYSWHelpComp.dll 2010-09-26 17:04:34 126976 ----a-w- C:\Program Files (x86)\Common Files\ClacStmp.dll 2003-08-27 22:19:18 36963 ----a-r- C:\Program Files (x86)\Common Files\SM1updtr.dll . ============= FINISH: 18:27:54.50 =============== MBAM log Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.01.01.04 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 8.0.6001.19272 User :: USER-PC [administrator] 1/1/2013 6:03:43 PM mbam-log-2013-01-01 (18-03-43).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 301295 Time elapsed: 14 minute(s), 29 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) HiJack this log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 6:34:39 PM, on 1/1/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19272) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Pocket Watch, LLC\ActivePrint System\ActivePrintSystem.exe C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Users\User\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\McAfee Security Scan\2.1.119\SSScheduler.exe C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe C:\Program Files (x86)\Nova Development\Print Artist Platinum\ReminderApp.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RunTasktray] "C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe" --regkeypath=Software\Hewlett-Packard\HP Easy Printer Care\HPPRun --valuename=InstallTTM O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" O4 - HKLM\..\Run: [KnexStarter] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe O4 - HKLM\..\Run: [iXL_MiddleWare] C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini" O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AgentMonitor] "C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AddressBookReminderApp] C:\Program Files (x86)\Nova Development\Print Artist Platinum\ReminderApp.exe O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\QFSCHD160.EXE" O4 - HKCU\..\Run: [{6CE6B062-EF6C-465c-AF36-96C67DAD3B65}] "C:\Program Files (x86)\Pocket Watch, LLC\ActivePrint System\ActivePrintSystem.exe" O4 - HKCU\..\Run: [softAuto.exe] "C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe" O4 - HKCU\..\Run: [search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN1B21R23Y05KF:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 O4 - HKCU\..\Run: [ALconnect] C:\Users\User\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: Dropbox.lnk = User\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk = ? O4 - Global Startup: Forget Me Not.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: SecurityScan.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\WPLauncher.hta O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O15 - Trusted Zone: http://connections.weightwatchers.com O15 - Trusted Zone: http://portal.field.weightwatchers.com O15 - Trusted Zone: http://*.hp.com (HKLM) O16 - DPF: Yahoo! Pool 2 - http://download2.gam...ts/y/poti_x.cab O16 - DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} (F5 Networks Certificate Checker) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5certchk.cab O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab55579.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebo...toUploader5.cab O16 - DPF: {16F67783-7E72-4C39-99C4-4780A8335484} (SyncXfer Class) - http://www.syncmyrid...pplets/sync.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204 O16 - DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} (OPSWAT AntiViruses Class) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/cachecleaner.cab O16 - DPF: {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} (Wssg.Web.FileAccess.RichUpload.UploadControl Class) - https://mail.shortla....RichUpload.cab O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxvpn.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - http://us.dl1.yimg.c...nst_current.cab O16 - DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} (OPSWAT FireWalls Class) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/...dy.cab55579.cab O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/...bGameLoader.cab O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5tunsrv.cab O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/InstallerControl.cab O16 - DPF: {49EC7987-E331-44E3-B170-748B58A268B9} (OPSWAT ProcessesScanner Class) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab55579.cab O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} (F5 Networks Policy Agent Host Class) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5InspectionHost.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.h...hpdetect118.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset...lineScanner.cab O16 - DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} (Microsoft Terminal Services Client Control (redist)) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/msrdp.cab O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/vdeskctrl.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/...mjolauncher.cab O16 - DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} (Image Uploader Control) - http://community.wei...geUploader6.cab O16 - DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} (F5 Networks Group Policy Control) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/...he.cab55579.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxshost.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/...xy.cab55579.cab O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxhost.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab O16 - DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} (F5 Networks OS Policy Agent) - https://connections....,2010,1005,1351 O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abac...abasetup162.cab O16 - DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} (F5 Networks OPSWAT Helper Control) - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab O18 - Protocol: HPDCS - {BA135F49-A12C-4E26-A2C4-6EA945999072} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll O18 - Protocol: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll O18 - Protocol: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll O18 - Protocol: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Protocol: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - C:\Program Files (x86)\Microsoft\SMIME Client (2010)\mimectl.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\Windows\SysWow64\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe O23 - Service: F5 Networks Component Installer - F5 Networks - C:\Windows\SysWOW64\F5InstallerService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GoToMyPC - Unknown owner - C:\Citrix\GoToMyPC\g2svc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\NERO\InCD\InCDsrv.exe O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.119\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Pml Driver - HP - C:\Windows\SysWOW64\HPHipm09.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\WINDOWS\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: WPS Scanner Service (WPSScannerSvc) - Unknown owner - C:\WINDOWS\Program Files\Skyhook Wireless\Wi-Fi Driver\WPSScannerSvc.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 21424 bytes Here are the two dds files dds.txt: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.6001.19272 BrowserJavaVersion: 1.6.0_35 Run by User at 18:27:10 on 2013-01-01 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3838.1883 [GMT -8:00] . SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe C:\Windows\SysWOW64\F5InstallerService.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files (x86)\Pocket Watch, LLC\ActivePrint System\ActivePrintSystem.exe C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe C:\Users\User\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\McAfee Security Scan\2.1.119\SSScheduler.exe C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\system32\RunDll32.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe C:\Program Files (x86)\Nova Development\Print Artist Platinum\ReminderApp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MagicTune Premium\MagicTune.exe C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe C:\Program Files\HP\HP Officejet Pro 8600\bin\HPNetworkCommunicator.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files\PC Optimizer Pro\PCOptimizerPro.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\WerCon.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file> BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [{6CE6B062-EF6C-465c-AF36-96C67DAD3B65}] "C:\Program Files (x86)\Pocket Watch, LLC\ActivePrint System\ActivePrintSystem.exe" uRun: [softAuto.exe] "C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe" uRun: [search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN1B21R23Y05KF:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 uRun: [ALconnect] C:\Users\User\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe mRun: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe" mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [RunTasktray] "C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe" --regkeypath=Software\Hewlett-Packard\HP Easy Printer Care\HPPRun --valuename=InstallTTM mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [KnexStarter] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe mRun: [iXL_MiddleWare] C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini" mRun: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [AgentMonitor] "C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AddressBookReminderApp] C:\Program Files (x86)\Nova Development\Print Artist Platinum\ReminderApp.exe mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\QFSCHD160.EXE" dRunOnce: [RunNarrator] Narrator.exe StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FORGET~1.LNK - C:\PROGRA~2\BRODER~1\AG CreataCard\agremind.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECURI~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.119\SSScheduler.exe uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoDrives = dword:0 uPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\WPLauncher.hta IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll LSP: mswsock.dll Trusted Zone: hp.com Trusted Zone: hp.com DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab DPF: Yahoo! Pool 2 - hxxp://download2.games.yahoo.com/games/clients/y/poti_x.cab DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5certchk.cab DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {16F67783-7E72-4C39-99C4-4780A8335484} - hxxp://www.syncmyride.com/Own/Modules/UpdateCenter/applets/sync.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/cachecleaner.cab DPF: {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} - hxxps://mail.shortlawgroup.com/Remote/BuiltIns/FS/Wssg.Web.FileAccess.RichUpload.cab DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxvpn.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} - hxxp://zone.msn.com/bingame/rtlw/default/ReflexiveWebGameLoader.cab DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5tunsrv.cab DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/InstallerControl.cab DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5InspectionHost.cab DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/msrdp.cab DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/vdeskctrl.cab DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/chnz/default/mjolauncher.cab DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} - hxxp://community.weightwatchers.com/Scripts/ImageUploader6.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} - hxxp://zone.msn.com/bingame/zpagames/zpa_txhe.cab55579.cab DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38459.8818865741 DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxshost.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxhost.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} - hxxps://connections.weightwatchers.com/policy/download_binary.php/win32/f5syschk.cab#Version=6031,2010,1005,1351 DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - hxxp://download.abacast.com/download/files/abasetup162.cab DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{18E96790-F4ED-47FA-9D44-304EBA60CD52} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll Handler: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll Handler: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll Handler: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll Handler: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - C:\Program Files (x86)\Microsoft\SMIME Client (2010)\mimectl.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\System32\wpdshserviceobj.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Windows\Program Files\SUPERAntiSpyware\SASSEH.DLL LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\SysWow64\browseui.dll x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [MagicTuneEngine] C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe x64-Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" x64-Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 x64-mPolicies-Explorer: NoDriveAutoRun = dword:67108863 x64-mPolicies-Explorer: NoDrives = dword:0 x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 x64-mPolicies-System: EnableLUA = dword:0 x64-mPolicies-System: EnableUIADesktopToggle = dword:0 x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - LocalServer32 - <no file> x64-Handler: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - LocalServer32 - <no file> x64-Handler: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - <orphaned> x64-Handler: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - <orphaned> x64-Handler: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e248sa1j.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,205,0_0,StartPage,20121250,16900,0,63,0 FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20121250,6902,0,63,0&p= FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\FFQpBHO3.5.dll FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\FFQpBHO3.6.dll FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\hpWebPrinting35.dll FF - component: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension\components\hpWebPrinting36.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-59ef45ad660c45f5\NPRobloxProxy.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\IGN\Download Manager\npfpdlm.dll FF - plugin: C:\Program Files\REAL\RealPlayer\Netscape6\nppl3260.dll FF - plugin: C:\Program Files\REAL\RealPlayer\Netscape6\nprjplug.dll FF - plugin: C:\Program Files\REAL\RealPlayer\Netscape6\nprpjplug.dll FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e248sa1j.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}\plugins\NPuroamHost.dll FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\NPAbacheck.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll FF - plugin: C:\Windows\SysWOW64\npacrx.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\Npindeo.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - plugin: C:\Windows\SysWOW64\npptools.dll FF - plugin: C:\Windows\SysWOW64\npwmsdrm.dll FF - ExtSQL: 2012-12-12 08:39; ConsumerInput@Compete; C:\Program Files (x86)\Consumer Input\Firefox\src FF - ExtSQL: !HIDDEN! 2009-10-23 08:12; {20a82645-c095-46ed-80e3-08825760534b}; c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - ExtSQL: !HIDDEN! 2010-02-08 13:14; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false FF - user.js: yahoo.ytff.general.dontshowhpoffer - true ============= SERVICES / DRIVERS =============== . R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-6-25 203776] R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2011-6-4 296808] R2 F5 Networks Component Installer;F5 Networks Component Installer;C:\Windows\SysWOW64\F5InstallerService.exe [2010-8-19 246400] R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648] R2 Jcpacket;Fldp Packet Driver;C:\Windows\System32\drivers\Jcpacket.sys [2010-11-5 23848] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-1 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-23 682344] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-7-23 24176] R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\System32\drivers\point64k.sys [2009-5-8 33160] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2009-11-6 297496] R3 urvpndrv;F5 Networks VPN Adapter;C:\Windows\System32\drivers\covpnv64.sys [2010-1-25 41232] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2009-10-16 27704] S1 SASDIFSV;SASDIFSV;C:\Windows\Program Files\SUPERAntiSpyware\sasdifsv.sys [2009-1-15 8944] S1 SASKUTIL;SASKUTIL;C:\Windows\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2009-1-15 55024] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560] S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2010-11-18 35840] S3 CTUPnPSv;Creative Centrale Media Server;C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-5-21 64000] S3 f5ipfw;F5 Networks StoneWall Filter;C:\Windows\System32\drivers\urfltv64.sys [2011-9-23 18448] S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-31 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352] S3 Leapfrog-USBLAN;Leapfrog-USBLAN;C:\Windows\System32\drivers\btblan.sys [2010-1-20 40320] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.119\McCHSvc.exe [2010-3-8 227232] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-11-23 31800] S3 SASENUM;SASENUM;C:\Windows\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-1-15 7408] S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712] S3 WiselinkPro;SAMSUNG WiselinkPro Service;C:\Windows\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2009-10-20 4708864] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-10-16 89920] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* ShellExec: EasyShare.exe: Preview="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" ShellExec: FRONTPG.EXE: edit=C:\PROGRA~1\MICROS~1\Office\FRONTPG.EXE ShellExec: LightningViewer.exe: View="c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\LightningNavigator.exe" "-ViewDocument" "%1" ShellExec: QSync.exe: Open="C:\Program Files\Logitech\Video\QSync.exe" . =============== Created Last 30 ================ . . ==================== Find3M ==================== . 2013-01-02 01:50:55 710504 ----a-w- C:\Windows\isRS-000.tmp 2012-12-15 00:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-12 15:12:11 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-12-12 15:12:10 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2010-09-26 17:04:34 94208 ----a-w- C:\Program Files (x86)\Common Files\regdll.dll 2010-09-26 17:04:34 69632 ----a-w- C:\Program Files (x86)\Common Files\ClacAdv.dll 2010-09-26 17:04:34 28672 ----a-w- C:\Program Files (x86)\Common Files\MYSWHelpComp.dll 2010-09-26 17:04:34 126976 ----a-w- C:\Program Files (x86)\Common Files\ClacStmp.dll 2003-08-27 22:19:18 36963 ----a-r- C:\Program Files (x86)\Common Files\SM1updtr.dll . ============= FINISH: 18:27:54.50 =============== attach.txt: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Business Boot Device: \Device\HarddiskVolume1 Install Date: 10/17/2009 12:54:48 AM System Uptime: 1/1/2013 5:52:14 PM (1 hours ago) . Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | 785GM-E65 (MS-7596) Processor: AMD Athlon™ II X2 240 Processor | CPU1 | 2807/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 233 GiB total, 42.957 GiB free. D: is CDROM () H: is NetworkDisk (NTFS) - 932 GiB total, 882.677 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . 2x1/4x1 USB Peripheral Switch 64 Bit HP CIO Components Installer Abacast Client ABBYY FineReader 9.0 Sprint ActiveLink Connect ActivePrint System Adobe Acrobat 5.0 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) Adobe® Photoshop® Album Starter Edition 3.0 Adobe® Photoshop® Album Starter Edition 3.0.1 AiO_Scan AIOMinimal AiOSoftware Alphabet Express AMD USB Filter Driver American Greetings CreataCard AOL Uninstaller (Choose which Products to Remove) Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft PhotoImpression 5 ArcSoft Software Suite ArcSoft VideoImpression 2 ATI AVIVO64 Codecs ATI Catalyst Install Manager AVS DVDMenu Editor 1.0.0.5 AVS Video Tools 5.5 Bing Bar BitZipper 2013 BizArt Blasterball 2 Blasterball Wild bpd_scan Brother MFL-Pro Suite ByteRun Editor for PHP 1.1 Demo Canon MF Toolbox 4.9.1.1.mf01 Canon MF6500 Series Canon Utilities Easy-PhotoPrint Catalyst Control Center InstallProxy Check Designer Common Consumer Input Firefox Extension (remove only) Content Transfer Contents Copy Core Communication Components Corel VideoStudio Essentials X4 Creative Centrale Creative Jukebox Driver Creative Removable Disk Manager Creative Software Update Creative System Information Creative Zen Micro Creative ZEN X-Fi User's Guide Creative ZEN X-Fi Video Converter CreativeProjects CreativeProjectsTemplates CueTour D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Destination Component Destinations Device Data Communication Components DeviceDiscovery DeviceIO Director DocMgr DocProc DocumentViewer Download Updater (AOL LLC) Dragon NaturallySpeaking 11 Dropbox Easy-WebPrint Easy CD & DVD Creator 6 Easy DVD Clone Easy DVD Rip Events Communication Components ExamView Pro F5 Networks VPN Client for Windows Fax Fisher-Price Computer Cool School Fisher-Price iXL Computer Software FTP Commander Google Chrome Google Earth Plug-in Google Update Helper GPBaseService2 Hewlett-Packard ACLM.NET v1.1.0.0 HiJackThis HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) hp center HP Digital Imaging Album Printing 1.0 HP Document Manager 2.0 HP Easy Printer Care HP FWUpdateEDO2 HP Image Zone 4.2 HP Image Zone Express HP Imaging Device Functions 12.0 HP Instant Support hp LaserJet 1000 HP Officejet Pro 8600 Basic Device Software HP Officejet Pro 8600 Help HP Officejet Pro 8600 Product Improvement Study HP Printer Settings Tools HP Printer Usage Report HP Product Detection HP PSC & OfficeJet 3.0 HP Smart Web Printing 4.60 HP Software Update HP Solution Center 13.0 HP Update hpmdtab HPProductAssistant HPSSupply HPSystemDiagnostics I.R.I.S. OCR ICA IGN Download Manager 2.2.2 Inactive HP Printer Drivers (Remove only) Indeo® Software InstantShare InstantShareAlert Intellisync® for Yahoo! InterVideo WinDVD 4 IPM_VS_Pro ISCOM iTunes Java Auto Updater Java™ 6 Update 35 Junk Mail filter update JustRegistry v3.5 LeapFrog Connect LeapFrog Leapster Explorer Plugin LeapFrog My Pals Plugin Learning Lodge Navigator LEGO Digital Designer LightScribe 1.4.62.1 Linksys Wireless-G Print Server Logitech Print Service Logitech QuickCam Logitech VideoCall Logitech® Camera Driver MagicTunePremium Malwarebytes Anti-Malware version 1.70.0.1100 McAfee UnInstaller Memories Disc Creator 2.0 Mesh Runtime Messenger Companion Microsoft .NET Framework (English) Microsoft .NET Framework (English) v1.0.3705 Microsoft .NET Framework 1.0 Hotfix (KB928367) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft FrontPage 2000 Microsoft IntelliPoint 6.3 Microsoft IntelliPoint 7.0 Microsoft IntelliType Pro 6.3 Microsoft IntelliType Pro 7.0 Microsoft Money 2005 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Business 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2003 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft S/MIME Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Web Publishing Wizard 1.52 Move Networks Media Player for Internet Explorer Mozilla Firefox 17.0.1 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird (2.0.0.12) MPM MSN Toolbar MSVCRT MSVCRT_amd64 MSVCSetup MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6 Service Pack 2 (KB973686) MTI for Windows 7.01 Multiple Image Resizer .NET MyCheckBook MyDVD myfantasyleague.com Game Day 2012 Namo WebBoard Namo WebCanvas Namo WebEditor 6 Namo WebUtilities Namu6 Nero Suite NetGear PS121v2 NVIDIA Display Driver NWZ-E350 WALKMAN Guide OCR Software by I.R.I.S. 12.0 Octoshape add-in for Adobe Flash Player OmniPage SE 2.0 OpenOffice.org 2.0 Operating System Communication Components Outlook Express Backup Wizard version 1.1 Overland PaperPort PC Optimizer Pro Pencil-Pal Preschool Photo Toolkit 1.7 PhotoGallery PHP 5.2.4 Presto! PageManager 6.03 Print Artist Platinum 23 PrintScreen Prospect Finder 7.0 Prospect Manager 7.0 Prospect Verifier 7.0 PureHD Python 2.2 combined Win32 extensions QFolder Quicken 2003 New User Edition QuickProjects QuickTime Readiris Pro 12 Readme RealPlayer Realtek 8136 8168 8169 Ethernet Driver RecordNow Update Manager Revo Uninstaller Pro 2.5.9 Rhapsody Ricochet Roblox S3Display S3Gamma2 S3Info2 S3Overlay Saint Paint Studio SAMSUNG PC Share Manager Samsung_MonSetup Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition SecurityScan Segoe UI Setup Share Share64 Shockwave Shop for HP Supplies SHOUTcast DNAS (remove only) SHOUTcast Source DSP 1.9.0 (remove only) Simple Backup for My Pictures Simple Installer - Multilanguage Version SkinsHP1 SkinsHP2 Skyhook Wireless Wi-Fi Driver SmartFTP Client SmartWebPrinting Snowboard Extreme SolutionCenter Sound Blaster Space Rocks Status SUPERAntiSpyware Free Edition SureThing CD Labeler 4 SE SX Virtual Link TrayApp TurboTax 2010 TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 woriper TurboTax 2010 wrapper TurboTax Deluxe 2005 TurboTax Deluxe Deduction Maximizer 2006 TurboTax ItsDeductible 2004 TurboTax ItsDeductible 2005 TurboTax ItsDeductible 2006 TweetDeck UMPlayer 0.98 [Athlon] UninstallAbility Unload Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin) Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) VGA USB Camera VIO Virtual Warfare Visual C++ 8.0 Runtime Setup Package (x64) Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) VoiceOver Kit VSClassic VSPro VTech Download Agent Library Web Photo Album 0.9 Beta WebFldrs XP WexTech AnswerWorks Winamp (remove only) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Genuine Advantage v1.3.0254.0 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Player 11 WinPcap 3.0 WinRAR archiver WinZip 16.0 Wonder Words WordPerfect Office IFilter 32-bit WordPerfect Office IFilter 64-bit WordPerfect Office X6 WordPerfect Office X6 - Common Files WordPerfect Office X6 - Common Files English WordPerfect Office X6 - Extras WordPerfect Office X6 - IPM WordPerfect Office X6 - Lightning Files WordPerfect Office X6 - Lightning Files English WordPerfect Office X6 - Oxford WordPerfect Office X6 - Presentations Files WordPerfect Office X6 - Presentations Files English WordPerfect Office X6 - Quattro Pro Files WordPerfect Office X6 - Quattro Pro Files English WordPerfect Office X6 - Setup Files WordPerfect Office X6 - System Files WordPerfect Office X6 - WordPerfect Files WordPerfect Office X6 - WordPerfect Files English WordPerfect Office X6 - WT WordPerfect OfficeReady XviD & MP3 Codec Pack (remove only) XviD MPEG-4 Video Codec Yahoo! Install Manager Yahoo! Internet Mail Yahoo! Search Protection Yahoo! Software Update Yahoo! Toolbar ZENcast Organizer . ==== End Of File ===========================

My computer seems to be acting fine now, how can I be sure? Also, I received a strange random phone call yesterday from someone who said he knew my computer was running slow and he could help me fix it? They are calling me now!

Here is my combofix log: ComboFix 12-07-26.03 - User 07/25/2012 12:56:20.6.2 - x64 MINIMAL Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3838.2347 [GMT -7:00] Running from: c:\users\User\Desktop\sega.com Command switches used :: /killall SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini c:\windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\@ c:\windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\L\00000004.@ c:\windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\L\201d3dde c:\windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\U\00000004.@ c:\windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\U\00000008.@ c:\windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\U\000000cb.@ c:\windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\U\80000000.@ c:\windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\U\80000032.@ c:\windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\U\80000064.@ . c:\windows\system32\services.exe . . . is infected!! . . ((((((((((((((((((((((((( Files Created from 2012-06-25 to 2012-07-25 ))))))))))))))))))))))))))))))) . . 2012-07-25 20:06 . 2012-07-25 20:07 -------- d-----w- c:\windows\ServiceProfiles\LocalService\AppData\Local\temp 2012-07-25 20:06 . 2012-07-25 20:06 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2012-07-25 20:06 . 2012-07-25 20:06 -------- d-----w- c:\windows\ServiceProfiles\NetworkService\AppData\Local\temp 2012-07-25 20:06 . 2012-07-25 20:06 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-25 20:06 . 2012-07-25 20:06 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2012-07-25 15:48 . 2012-07-25 15:48 -------- d-----w- C:\found.001 2012-07-24 05:11 . 2012-07-24 05:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-07-24 05:11 . 2012-07-03 20:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-22 23:35 . 2012-07-22 23:35 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2012-07-21 22:06 . 2012-07-21 22:34 -------- d-----w- C:\TDSSKiller_Quarantine 2012-07-20 08:40 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82C72DEA-BF80-4495-A16A-BD314554EB4A}\mpengine.dll 2012-07-02 23:00 . 2012-07-02 23:00 -------- dc-h--w- c:\users\User\AppData\Local\{E8D024FE-9C03-4ECF-B3CA-FB58783D91C2} 2012-07-02 23:00 . 2012-07-02 23:00 -------- d-----w- c:\users\User\AppData\Roaming\DirectLife 2012-07-02 23:00 . 2012-07-02 23:00 -------- d-----w- c:\users\User\AppData\Local\PackageAware 2012-07-01 02:12 . 2012-07-01 02:12 -------- d-----w- c:\users\User\AppData\Local\Macromedia . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-13 06:12 . 2012-04-29 18:23 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-13 06:12 . 2011-05-22 00:51 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-13 10:07 . 2006-11-02 12:35 58957832 ----a-w- c:\windows\system32\mrt.exe 2012-05-31 19:25 . 2009-10-16 17:54 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-05-15 20:15 . 2012-06-12 21:55 2767360 ----a-w- c:\windows\system32\win32k.sys 2012-05-15 06:37 . 2012-06-12 21:55 916992 ----a-w- c:\windows\SysWow64\wininet.dll 2012-05-15 06:32 . 2012-06-12 21:55 43520 ----a-w- c:\windows\SysWow64\licmgr10.dll 2012-05-15 06:32 . 2012-06-12 21:55 1469440 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-05-15 06:31 . 2012-06-12 21:55 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll 2012-05-15 06:31 . 2012-06-12 21:55 71680 ----a-w- c:\windows\SysWow64\iesetup.dll 2012-05-15 05:01 . 2012-06-12 21:55 385024 ----a-w- c:\windows\SysWow64\html.iec 2012-05-15 03:26 . 2012-06-12 21:55 133632 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-05-15 03:23 . 2012-06-12 21:55 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-05-15 02:19 . 2012-06-12 21:55 1147392 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 02:19 . 2012-06-12 21:55 1488384 ----a-w- c:\windows\system32\urlmon.dll 2012-05-15 02:19 . 2012-06-12 21:55 108032 ----a-w- c:\windows\system32\url.dll 2012-05-15 02:18 . 2012-06-12 21:55 243712 ----a-w- c:\windows\system32\occache.dll 2012-05-15 02:16 . 2012-06-12 21:55 1062912 ----a-w- c:\windows\system32\mstime.dll 2012-05-15 02:15 . 2012-06-12 21:55 9328640 ----a-w- c:\windows\system32\mshtml.dll 2012-05-15 02:15 . 2012-06-12 21:55 98304 ----a-w- c:\windows\system32\mshtmled.dll 2012-05-15 02:15 . 2012-06-12 21:55 742912 ----a-w- c:\windows\system32\msfeeds.dll 2012-05-15 02:15 . 2012-06-12 21:55 71680 ----a-w- c:\windows\system32\msfeedsbs.dll 2012-05-15 02:15 . 2012-06-12 21:55 56832 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-15 02:15 . 2012-06-12 21:55 31744 ----a-w- c:\windows\system32\jsproxy.dll 2012-05-15 02:14 . 2012-06-12 21:55 1538560 ----a-w- c:\windows\system32\inetcpl.cpl 2012-05-15 02:14 . 2012-06-12 21:55 2350592 ----a-w- c:\windows\system32\iertutil.dll 2012-05-15 02:14 . 2012-06-12 21:55 77312 ----a-w- c:\windows\system32\iesetup.dll 2012-05-15 02:14 . 2012-06-12 21:55 219136 ----a-w- c:\windows\system32\ieui.dll 2012-05-15 02:14 . 2012-06-12 21:55 132096 ----a-w- c:\windows\system32\iesysprep.dll 2012-05-15 02:14 . 2012-06-12 21:55 72192 ----a-w- c:\windows\system32\iernonce.dll 2012-05-15 02:14 . 2012-06-12 21:55 12508672 ----a-w- c:\windows\system32\ieframe.dll 2012-05-15 02:14 . 2012-06-12 21:55 252416 ----a-w- c:\windows\system32\iepeers.dll 2012-05-15 02:14 . 2012-06-12 21:55 459776 ----a-w- c:\windows\system32\iedkcs32.dll 2012-05-15 01:21 . 2012-06-12 21:55 479232 ----a-w- c:\windows\system32\html.iec 2012-05-15 00:40 . 2012-06-12 21:55 162816 ----a-w- c:\windows\system32\ieUnatt.exe 2012-05-15 00:40 . 2012-06-12 21:55 70656 ----a-w- c:\windows\system32\ie4uinit.exe 2012-05-15 00:39 . 2012-06-12 21:55 12288 ----a-w- c:\windows\system32\msfeedssync.exe 2012-05-15 00:39 . 2012-06-12 21:55 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2012-05-01 14:29 . 2012-06-12 21:55 209920 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2003-08-27 22:19 . 2003-12-06 19:43 36963 ----a-r- c:\program files (x86)\Common Files\SM1updtr.dll 1999-12-13 14:33 . 2000-02-26 20:14 19456 ----a-w- c:\program files\internet explorer\plugins\atpversion.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2009-04-11 . BC81150939BD52DBC7A08C245F1FB229 . 384512 . . [6.0.6000.16386] .. c:\windows\system32\services.exe . . [-] 2009-01-31 03:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] .. c:\windows\SysWOW64\mspmsnsv.dll [-] 2009-01-31 03:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] .. c:\windows\SysWOW64\dllcache\mspmsnsv.dll [-] 2005-01-28 20:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] .. c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] .. c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll . [-] 2010-02-16 . 26A901A1840E9E46FFFC6D09B9618CDF . 2016768 . . [5.1.2600.3670] .. c:\windows\SysWOW64\ntkrnlpa.exe [-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] .. c:\windows\SysWOW64\dllcache\ntkrnlpa.exe [-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] .. c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntkrnlpa.exe . [-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] .. c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntmssvc.dll [-] 2004-08-04 07:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] .. c:\windows\SysWOW64\ntmssvc.dll . [-] 2010-02-16 . EBB75B113E74E90074382347B74D652B . 2181376 . . [5.1.2600.3670] .. c:\windows\SysWOW64\dllcache\ntoskrnl.exe [-] 2010-02-16 . A63052FA8FB8685382E10EE83C326864 . 2137088 . . [5.1.2600.3670] .. c:\windows\SysWOW64\ntoskrnl.exe [-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] .. c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntoskrnl.exe . [-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] .. c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\srsvc.dll [-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] .. c:\windows\SysWOW64\srsvc.dll . [-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] .. c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\w32time.dll [-] 2004-08-04 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] .. c:\windows\SysWOW64\w32time.dll . [-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] .. c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wiaservc.dll [-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] .. c:\windows\SysWOW64\wiaservc.dll [-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] .. c:\windows\SysWOW64\dllcache\wiaservc.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-02-09 00:40 1362320 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-02-09 1362320] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "{6CE6B062-EF6C-465c-AF36-96C67DAD3B65}"="c:\program files (x86)\Pocket Watch" [X] "Search Protection"="c:\program files (x86)\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856] "SoftAuto.exe"="c:\program files (x86)\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504] "HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-10 2676584] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2011-06-04 222496] "ALconnect"="c:\users\User\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe" [2012-06-18 741504] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "RunTasktray"="c:\program files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe --regkeypath=Software\Hewlett-Packard\HP Easy Printer Care\HPPRun --valuename=InstallTTM" [X] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208] "YSearchProtection"="c:\program files (x86)\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856] "KnexStarter"="c:\program files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe" [2009-03-23 159744] "AddressBookReminderApp"="c:\program files (x86)\Nova Development\Print Artist Platinum\ReminderApp.exe" [2009-08-31 144672] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888] "ContentTransferWMDetector.exe"="c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-20 583016] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "AgentMonitor"="c:\program files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [2012-02-01 358312] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-17 421736] "TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2006-08-13 180269] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "iXL_MiddleWare"="c:\program files (x86)\Fisher-Price\iXL\iXL.Middleware.exe" [2011-08-04 56376] "DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2010-10-27 328992] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "RunNarrator"="Narrator.exe" [2004-08-04 53760] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk - c:\windows\system32\RunDll32.exe [2006-11-2 46592] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360] SecurityScan.lnk - c:\program files (x86)\McAfee Security Scan\2.1.119\SSScheduler.exe [2010-3-8 255536] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\windows\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^F1U201.401.lnk] backup=c:\windows\pss\F1U201.401.lnkCommon Startup path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\F1U201.401.lnk . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Namo APM Manager.lnk] backup=c:\windows\pss\Namo APM Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk] backup=c:\windows\pss\Quicken Scheduled Updates.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk] backup=c:\windows\pss\OpenOffice.org 2.0.lnkStartup path=c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2005-06-07 07:46 57344 ----a-w- c:\windows\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd] 2006-06-28 15:46 622592 ----a-w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor] 2002-06-18 07:11 69632 ----a-w- c:\program files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccRegVfy] 2002-08-20 06:23 34504 ----a-w- c:\program files (x86)\Common Files\Symantec Shared\ccRegVfy.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3] 2006-06-29 20:18 77824 ----a-w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2006-11-02 09:45 8704 ----a-w- c:\windows\SysWOW64\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HookUpFinder] 2005-03-21 12:40 225280 ----a-w- c:\program files\HookUpFinder\hookupfinder.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2002-09-09 15:05 114688 ----a-w- c:\windows\SysWOW64\hkcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] 1998-05-08 00:04 52736 ----a-w- c:\windows\system\hpsysdrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch] 2005-03-17 22:45 40960 ----a-w- c:\windows\Program Files\ScanSoft\PaperPort\IndexSearch.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 17:50 155648 ----a-w- c:\windows\SysWOW64\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2004-02-23 22:43 3026944 ----a-w- c:\windows\SysWOW64\nvcpl.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2] 2003-05-08 18:00 49152 ----a-w- c:\windows\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD] 2005-03-17 22:25 57393 ----a-w- c:\windows\Program Files\ScanSoft\PaperPort\pptd40nt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS121v2] 2007-05-23 14:39 696320 ----a-w- c:\program files\NETGEAR\PS121v2\PS121v2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSDiagnosticM] 2007-09-04 19:48 315392 ----a-w- c:\program files\Linksys Wireless-G Print Server\PSDiagnosticM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc] 2003-07-19 01:23 868352 ----a-w- c:\windows\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility] 2003-05-02 02:44 65536 ----a-w- c:\program files (x86)\Common Files\Roxio Shared\System\EngUtil.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SbUsb AudCtrl] 2003-03-12 02:48 64000 ----a-w- c:\windows\System32\sbusbdll.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] 2005-01-27 02:02 49152 ----a-w- c:\program files\Brother\Brmfl06b\BrStDvPt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon] 2002-04-18 01:42 69632 ----a-w- c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2003-10-14 18:22 155648 ----a-r- c:\program files (x86)\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard] 2002-06-18 16:01 155648 ----a-w- c:\program files\VERITAS Software\Update Manager\sgtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2006-08-13 06:24 180269 ----a-w- c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] 2000-05-11 09:00 90112 ----a-w- c:\windows\Updreg.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "ccEvtMgr"=2 (0x2) "NPFMntor"=2 (0x2) "NSCService"=3 (0x3) "SAVScan"=3 (0x3) "SNDSrvc"=2 (0x2) "Symantec Core LC"=2 (0x2) "WebrootSpySweeperService"=2 (0x2) . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-13 250056] S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-15 759048] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . Contents of the 'Scheduled Tasks' folder . 2012-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 06:12] . 2012-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cce52bedcd0bf2.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-25 03:18] . 2012-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-25 03:18] . 2010-10-18 c:\windows\Tasks\User_Feed_Synchronization-{B452591A-6F2E-4ABF-AFBD-D13C494448F6}.job - c:\windows\system32\msfeedssync.exe [2012-06-12 03:24] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-05-21 2342800] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 2314120] "CX Print Msgsrv"="c:\program files\silex technology\CX Print\Msgsrv.exe" [2010-11-05 73216] "MagicTuneEngine"="c:\program files\MagicTune Premium\MagicTuneLauncher.exe" [2010-10-29 53760] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\SysWOW64\blank.htm uStart Page = hxxp://www.google.com/ig uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://www.yahoo.com mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 LSP: mswsock.dll Trusted Zone: intuit.com\ttlc Trusted Zone: rhapsody.com\rhap-app-4-0 Trusted Zone: rhapsody.com\rhapreg Trusted Zone: weightwatchers.com\connections Trusted Zone: weightwatchers.com\portal.field Trusted Zone: hp.com TCP: DhcpNameServer = 192.168.1.1 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java DPF: {16F67783-7E72-4C39-99C4-4780A8335484} - hxxp://www.syncmyride.com/Own/Modules/UpdateCenter/applets/sync.cab DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} - hxxps://mail.shortlawgroup.com/Remote/BuiltIns/FS/Wssg.Web.FileAccess.RichUpload.cab DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} - hxxp://community.weightwatchers.com/Scripts/ImageUploader6.cab DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e248sa1j.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en FF - user.js: network.protocol-handler.warn-external.dnupdate - false . - - - - ORPHANS REMOVED - - - - . MSConfigStartUp-Adobe Reader Speed Launcher - c:\windows\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe MSConfigStartUp-NapsterShell - c:\program files\Napster\napster.exe MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\qttask.exe MSConfigStartUp-SpySweeper - c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe MSConfigStartUp-Yahoo! Pager - c:\program files\Yahoo!\Messenger\YahooMessenger.exe WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-HijackThis - c:\mgtools\HijackThis.exe AddRemove-The 80's Game - c:\program files\Yahoo! Games\The 80's Game\Uninstall.exe AddRemove-TurboTax Deluxe 2005 - c:\program files\TurboTax\Deluxe 2005\TaxUnst.EXE AddRemove-TurboTax Deluxe Deduction Maximizer 2006 - c:\program files\TurboTax\Deluxe 2006\TaxUnst.EXE AddRemove-UninstallAbility - c:\4\UNWISE.EXE AddRemove-WinRAR archiver - c:\users\User\Desktop\WinRAR\uninstall.exe AddRemove-{28BA89E7-2F60-4BE7-BAA2-7949EB3FE527} - c:\program files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe AddRemove-{357ECB62-CD36-4B63-B57E-769D0CA174F4} - c:\program files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe AddRemove-{4F0AE1FB-4082-4A27-8363-05D292D92FB0} - c:\program files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe AddRemove-{63272979-21F0-48EF-9B97-A83DBC05BE39} - c:\program files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe AddRemove-{753FE96B-D926-4B6C-BCFB-CC59153D004A} - c:\program files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe AddRemove-{7841B68B-B7DD-408E-8B45-D5CA39608185} - c:\program files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe AddRemove-{9FA01E11-9015-4140-B10A-5C6AA949B2FC} - c:\program files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8D8763AB-E93B-4812-964E-F04E0008FD50}\Version] @Denied: (A) (Everyone) @="{8D8763AB-E93B-4812-964E-F04E0008FD50}" "GlobalState"=hex:0b,ed,77,ff,16,d4,2a,55,50,80,af,d3,5e,09,cd,81,b8,68,24,5b "RevocationList"=hex:84,f2,86,0e,04,21,55,1d,15,ec,5e,38,fb,f3,9d,a4,cc,98,d3, 45 "{01434B69-7CE5-492A-9ABF-8E69F184C5FD}"=hex:59,ae,d4,ee,d6,a4,fc,0d,16,ac,b7, d6,eb,e3,17,99,f5,25,69,74 "{01EBAA2F-BE3C-4D67-8378-CCC3C49EA77B}"=hex:6b,4b,c4,5f,97,5e,56,0b,02,5f,3c, f7,95,7a,c5,ca,b9,c6,48,c3 "{040BCDB7-F29F-487A-B8AB-EEDD0DFB0446}"=hex:0d,b0,2b,cc,c1,a4,4e,0b,d7,27,9e, ea,7e,5e,ef,bc,4e,27,1e,32 "{0531B35B-5DE0-4CBF-A66B-3626E91FE8EE}"=hex:a7,bd,61,14,4b,f6,25,64,db,3a,19, 7c,f6,16,4e,f4,cb,32,1f,d9 "{05394759-4906-48D4-B17B-3408FEB1743E}"=hex:5a,29,47,de,6c,7f,56,ae,da,99,6a, 74,1e,19,de,26,90,4e,ae,84 "{05731E8A-6F4F-4E55-8EA3-F98387FB5618}"=hex:a8,e5,07,f8,d0,20,dd,87,14,04,87, 9b,99,92,d5,e3,0c,86,61,e8 "{08E882AD-4044-431C-88C3-6B3F4F5983B8}"=hex:f2,a7,52,16,a4,83,f3,31,2a,5d,1e, d2,ff,5d,43,7e,80,59,af,0b "{092450F2-E299-4A6B-A7AD-B4CBDAF517E0}"=hex:cd,a6,84,37,91,0b,df,61,ee,43,c8, d9,fd,20,c8,74,c3,77,a6,bf "{0AAC284D-C4A3-4625-8860-B48F92DF7667}"=hex:41,cf,3d,83,cb,33,30,56,30,66,1a, 1a,8b,e9,4f,a6,80,28,23,99 "{0ABEB496-775A-451A-8A9E-02959930981A}"=hex:72,0a,5a,6a,43,34,5e,4c,48,eb,41, 64,65,f0,0a,aa,f2,52,db,a0 "{118CC516-F59D-4203-A365-CD93DB2EA311}"=hex:d4,ab,6e,3b,13,d0,c5,47,f8,27,ce, 61,28,94,93,99,e3,29,1f,77 "{1284A346-AE35-4CD8-AAA2-D4A9B1C5C753}"=hex:53,f3,93,c9,cc,53,2f,49,23,7d,c5, 07,e0,83,d7,27,39,c8,3f,6a "{141924DF-9DA2-4F80-9BBF-476411E6F1D7}"=hex:86,60,b0,a3,5d,3e,e6,da,be,d2,fd, 26,90,2c,f8,1c,d5,c4,b8,23 "{15ACC827-6B16-4B1D-AB91-1ABABEE0416C}"=hex:12,e0,13,0d,5a,ae,c7,47,50,9b,75, 8f,63,40,05,b3,84,38,bb,73 "{1645339A-9C73-4C9E-9F63-F6469C9123FA}"=hex:78,d7,44,30,d0,6a,c1,33,34,1a,25, 9d,4d,2a,64,d3,4f,9f,df,13 "{16A74721-B353-4ACF-BAAB-F4C4BFA65845}"=hex:68,a8,3c,92,4e,68,62,53,3c,a6,87, e9,ae,55,54,f7,ee,ac,4e,fd "{16CAC876-CE01-4A23-B974-B5C4FC9927B2}"=hex:d4,c4,98,ae,f4,8b,bd,1f,bd,3e,98, 95,da,16,c9,80,a2,97,88,6c "{16EC7E43-DD93-4B19-B508-1EB225542EAE}"=hex:95,41,80,6e,0f,1c,2b,6e,50,d0,87, b9,5a,fb,d6,b7,a3,8d,20,3a "{17107E71-6D36-4BA6-8282-F0F71365A0C4}"=hex:46,95,75,c6,e5,7e,1e,d7,00,3e,e9, d0,af,d6,30,1b,05,87,3e,30 "{177DC53D-6CC7-47E3-9463-25644B0F0654}"=hex:4b,24,66,88,fc,a0,35,3d,98,32,b9, bc,e7,2f,ba,7c,13,1d,e6,ac "{1C100E88-E749-4D72-80CA-7F60FA7BB4C3}"=hex:2d,47,b4,a6,26,a5,86,0f,b4,ef,21, 24,6a,e3,ba,82,1f,bc,cf,5c "{1CE1C57A-A5F2-444B-AA98-830E69CF112E}"=hex:d4,1b,c1,80,3f,73,c3,71,d0,a0,87, 63,06,3f,25,32,b9,ad,42,9f "{1D9936B2-C96A-458F-A202-10846A72F1FC}"=hex:f0,10,88,23,fa,07,56,40,9f,97,8d, cd,d8,b8,d2,ba,bb,22,4e,d7 "{1F9544C2-CB46-4690-8C97-1A6D1ECF657E}"=hex:08,6d,78,c3,f1,77,f7,42,25,19,e2, 81,88,3e,05,a6,d9,4f,1e,ab "{20D5D1B8-FB20-445B-888F-1BB2719AB290}"=hex:fc,15,92,60,d9,c8,81,77,a0,45,10, 77,71,d0,0f,b2,42,88,a6,4f "{21701DD0-9D7E-43f7-A1B2-E92ED6E90A51}"=hex:ea,75,0a,90,f6,df,b4,19,86,50,53, dc,42,2f,0f,1b,58,d3,be,19,00,b6,db,6e,8d,e5,c6,01 "{222C3BB6-CD1F-4D15-AC93-133DACE33866}"=hex:fd,e9,28,0c,cb,8e,6e,62,34,ac,38, 62,24,a5,6d,cd,7c,16,71,2c "{22689A68-5453-42FA-94A1-6ED7B5F6A8AD}"=hex:a9,f4,36,61,3b,f2,81,e0,fb,31,eb, 8b,29,7b,8b,64,6c,8b,36,fe "{22A762F3-8AA8-4C62-962A-6A261B2C26E6}"=hex:72,bc,55,46,e9,c5,1e,d2,02,34,ef, 07,3a,08,ea,d8,48,ca,5d,b0 "{26A192C7-5B28-4923-B36B-E8C499FF5267}"=hex:bc,58,a7,82,c0,f8,e3,4c,18,cf,5b, b7,3c,af,51,f0,78,8d,23,ac "{26C226A3-3908-4348-BDFB-9F05754E81BD}"=hex:ab,41,54,87,89,cd,61,b7,91,da,31, fa,1a,b4,0e,7b,5c,ef,3e,8d "{288DFA63-553E-4123-BEDD-EA64931E3A60}"=hex:4e,8d,f2,1a,77,b0,dd,76,2b,e9,4e, 1c,3e,a8,75,17,bd,37,90,da "{28A1BDE4-3A56-4077-9472-6EA7DFAA1EBE}"=hex:68,af,55,db,77,c1,02,91,dc,0a,37, f8,6a,60,a7,82,e3,22,8c,58 "{2A81C47D-CD39-4B0C-8A35-EECFCFF635E7}"=hex:7b,09,43,65,81,08,61,0e,bc,54,fd, 24,e5,42,b8,84,10,e6,ca,53 "{2B7AFA97-2DDD-4A95-AD8F-86F6AEF73A89}"=hex:72,36,5d,95,83,71,64,7f,70,86,65, f8,4a,9c,1b,6b,82,25,77,c1 "{2D8197EF-DE36-4B3E-A316-2B59C338FE21}"=hex:77,bd,af,a5,14,d4,55,33,44,90,34, 6f,cc,16,58,01,f9,9b,0a,b1 "{2DB62F07-44F9-4E2F-A595-D13FF3F9F40C}"=hex:79,b8,1b,80,70,72,ef,ca,16,7b,fe, 8b,e4,80,12,2f,1b,41,69,71 "{2E1B858D-704A-41B5-A77D-C049B47F453D}"=hex:0f,56,f2,17,43,2b,5e,d1,6c,8b,ae, 53,45,af,bc,f0,4b,63,1d,79 "{2E6A11A5-2C3B-4196-BC73-742FF17D41FD}"=hex:98,7b,ca,72,db,e1,79,ea,7b,96,04, 9a,5b,f7,b4,36,68,d1,23,4c "{2F7904A6-FEE7-466C-9B61-BF2832623D44}"=hex:0a,d8,a7,26,51,bc,a0,cc,cd,73,d2, f2,70,ad,66,8d,30,32,ec,0b "{32CD0A88-25D6-432D-B30D-10CD0C22D62D}"=hex:bf,12,c9,4b,c2,5c,7c,bd,44,05,a3, 65,2e,80,6c,de,43,92,79,a1 "{3532FFFE-9D18-40E8-B359-C4F6D2DCC36B}"=hex:96,55,0e,89,bf,4b,44,c2,b3,23,b8, d5,43,d6,86,a0,f8,16,26,56 "{35F146EE-744F-4560-870B-A11919BE93C8}"=hex:f0,65,c7,64,be,38,80,a7,75,71,ed, 1e,d8,d9,04,b9,66,ba,31,0b "{360641CA-1296-4DBB-83C7-0962B9A41631}"=hex:ea,d7,e1,b1,76,b1,36,91,2f,42,46, 71,72,37,ff,ca,aa,ab,01,b8 "{36CE89E2-BB90-4627-BDF3-F17576360FBF}"=hex:2d,bb,63,e4,ba,ae,07,37,13,bd,d8, 1e,5f,48,78,50,dc,de,62,65 "{39E915DF-BC56-433E-AA37-F6E29364A3D1}"=hex:b0,1a,fc,d6,e8,f0,1b,4b,8d,fc,a0, e0,f4,6b,45,e4,b0,79,9e,33 "{3A50F954-3F9E-4583-9F0C-257A8A1AB6D5}"=hex:bb,5e,ac,3c,41,05,10,7e,9f,59,96, 26,17,b2,a5,a3,78,40,a1,2b "{3AC7142A-BC0C-427B-AB5E-BE2DBD9EFD57}"=hex:01,e2,47,aa,ca,2a,df,4c,71,5c,2f, b9,bc,a0,07,01,ea,d8,71,b7 "{3B2C7F34-5CC4-4D14-AA40-BC9992B554BE}"=hex:4b,18,99,42,2e,35,4e,85,06,c2,38, f3,40,c2,19,61,7c,5e,30,04 "{3BD2F192-95B0-4AE5-B06D-157B5044E0E1}"=hex:ec,a8,51,da,1b,d0,c3,4e,2f,de,4e, 49,0d,8d,13,c0,24,7d,90,1c "{3C46F627-05FC-4DEA-939A-13F85197E46E}"=hex:c7,e4,93,11,44,be,33,c4,6d,b0,aa, 20,12,df,4e,dd,e3,de,7f,b7 "{3C904815-B0BC-4A56-A553-1A1B7829E0F0}"=hex:e9,84,00,aa,e7,b1,ed,08,2a,cd,54, 16,d0,4d,27,12,ab,00,70,38 "{3D73A07E-5994-42A1-9DD0-82A62C2E9498}"=hex:85,ed,f6,fb,c5,c8,5c,ca,e1,a4,c3, c7,2b,cc,b4,b2,38,ad,19,5b "{3E90A45E-23D3-439B-8BE2-0A47491E5343}"=hex:8d,ac,19,64,ac,b6,ad,1a,97,91,cf, 60,04,20,6a,32,c1,c5,7a,fc "{4048C7CE-69ED-4E22-BA80-508335A56DE8}"=hex:18,96,81,20,29,06,b5,e1,18,15,a2, a3,b5,1f,ea,01,9a,0f,ec,1e "{40FACE2D-03BD-464C-AB57-C282EA403456}"=hex:02,e6,5d,df,7c,2e,fb,40,9f,a8,de, 34,f6,f6,39,64,49,82,e7,38 "{42F65824-96F1-430E-BA29-DA695C5A99A0}"=hex:64,ef,b8,6d,0c,b9,e2,1f,1d,56,a9, 71,b1,02,80,a1,31,55,a3,5e "{43BB1FBB-B79B-4017-A837-E3F2CBB79963}"=hex:20,23,ff,db,f0,eb,76,ca,3b,24,e9, 65,f9,61,1c,0a,df,45,88,84 "{44FB31CD-8FEB-47A9-B28A-B960A6C7EE78}"=hex:fd,27,b4,3e,55,af,1b,01,2b,2c,26, 5c,61,c2,c5,ff,e0,ce,2f,22 "{462FB115-B8A2-46EF-B9D5-01EDB75E1E2B}"=hex:57,2f,51,03,b0,e3,d1,05,41,52,36, 02,15,52,4d,6c,67,26,aa,a0 "{47453FB0-EE9D-4C14-AD15-5A961D6BABEB}"=hex:de,40,92,de,3a,07,36,17,6d,32,b9, c5,e1,9e,aa,3b,08,31,54,34 "{479DE87C-9A9C-41C2-9C1C-7738375D5DFB}"=hex:6f,ef,46,a9,86,28,6a,59,c7,a9,df, 6b,c7,24,e4,62,3b,43,8d,38 "{47B8839B-C4A0-46CA-AE17-0C77D5E6029C}"=hex:5f,63,b2,92,ef,8a,d7,a1,47,d6,15, dc,f4,ff,e6,eb,69,a9,3f,e2 "{47C148F5-5179-44F7-9793-88B5F91DDAEA}"=hex:58,0a,73,d1,0c,77,15,dc,44,ed,ae, 7e,85,39,d4,21,1b,a6,9d,a4 "{49A05E9E-E0C1-4992-BA58-EC08E3DB0ED1}"=hex:6a,b3,51,3b,e4,a6,b4,dc,7e,df,46, d6,ea,0e,4c,14,6d,aa,7c,cf "{4A80BF04-D4ED-4DA2-AEDB-A7A0DE0F94F8}"=hex:37,e9,7f,c9,62,b4,1d,c7,e3,3f,10, 21,e9,a4,25,88,cb,37,a5,5a "{4B5102AA-28F0-4F12-99A4-62329D33DD9E}"=hex:61,8b,32,75,66,eb,bf,56,fc,d7,ec, 57,1a,a3,a6,74,5c,40,4e,f9 "{4BCC734B-EBAB-4611-B82C-0272F63951E1}"=hex:53,62,d4,4a,de,7c,6f,93,0e,06,b9, d7,3f,04,8a,8d,b8,64,04,a7 "{4BEEEE79-DDEA-471F-95D5-76B663685865}"=hex:25,33,e9,2a,f3,ad,1f,c4,8f,79,bf, c4,3f,ef,a9,45,d7,b6,80,58 "{4D8CEA1E-7069-4EEC-84A7-C96488AC24BC}"=hex:9c,ee,d7,fa,6d,2e,fe,a4,69,66,b6, 33,6f,dc,9f,e8,a8,ad,6d,70 "{4F01C7C0-4260-4588-BC5C-57715F7B92C8}"=hex:fb,f6,2c,02,a9,32,8a,53,0c,42,91, 84,c9,7a,b5,8c,78,66,62,cb "{50D4D75F-8E53-429A-9A81-DC4941945D5D}"=hex:4e,17,43,a6,6d,6a,36,10,49,63,02, cf,3c,21,39,e3,a5,ff,74,98 "{50DBAE41-7083-40B6-AD2E-F3D56D95E89F}"=hex:f5,9f,0c,22,e8,41,13,94,3b,8c,14, b7,46,1c,b0,a6,73,39,d5,67 "{5188B123-789C-493C-8179-DBE96C248C5F}"=hex:a2,ac,f2,32,99,d4,8b,c3,a6,88,8d, b6,8f,cd,2b,a5,6a,76,d6,a0 "{52443777-7732-4791-BC0B-1765A8323F27}"=hex:16,60,8a,a9,e1,25,dc,8d,7f,2e,b5, 3a,ef,45,46,f1,27,b2,5b,48 "{5264CF1D-FB9B-4AFE-8B9D-762CAE3755EA}"=hex:62,96,71,96,bd,6b,9e,f4,23,ca,92, 65,b7,c4,b2,99,2a,99,df,49 "{53AF2586-6C34-4686-9D87-3A4139559863}"=hex:db,bd,e9,d8,34,b2,c3,f0,21,f5,ba, 8b,ab,17,dd,1a,74,77,f5,77 "{5402DEBE-E8BB-407A-A58F-30109E039404}"=hex:57,05,74,26,12,5f,69,47,a9,ff,d2, bb,29,63,8e,d6,16,06,00,43 "{545C1EE1-F4A6-442A-A829-B12550BDC18E}"=hex:2d,66,47,73,1a,b7,74,a7,d4,61,f2, 61,24,c4,15,6f,a9,b1,d8,b0 "{55E63605-8C5C-4F29-B13F-38820AD3E1A1}"=hex:49,b0,88,c5,f7,ef,7d,c5,ae,f8,19, 8a,96,d8,4b,a4,2c,c9,89,84 "{5654CBDD-D62C-46B5-9FF2-4C5D0190C59F}"=hex:85,ad,ee,ba,5f,0a,9a,63,71,01,09, 4d,eb,83,f1,7d,61,5d,7a,b0 "{565C5695-7668-45E7-9840-4C5AF50BDD59}"=hex:fc,d7,cf,9a,be,86,df,5c,73,5e,0d, a1,d9,52,4f,6f,d2,ba,ea,51 "{56A54194-3651-446D-90EA-4CBBD56189A0}"=hex:f9,29,07,76,d3,0f,23,21,22,69,71, 06,f7,b9,fb,56,ac,18,86,ca "{56A75047-6658-4239-8C38-FA4C79838346}"=hex:1a,a7,6f,5e,d5,7b,7d,4f,e9,df,57, 5b,26,1b,d4,f0,9b,40,09,20 "{57A3E010-9E8D-440C-B81F-011E9027AAB9}"=hex:3e,6a,d1,9b,fb,de,cc,7e,ef,5d,59, 04,dd,85,dc,86,93,77,c1,46 "{5865FC8A-6CB0-4C71-BF7A-892D21938E9B}"=hex:97,97,12,b1,b2,9d,d0,e9,33,db,2a, 97,b9,af,9e,29,a3,42,51,a3 "{586B9954-98B0-4D51-AF5D-FBFFC149A21F}"=hex:48,10,38,b0,e7,c7,dc,d9,b0,73,b7, 12,b1,f2,ae,bf,0d,ce,a5,e0 "{58B592D9-8BB1-4897-BAF0-7263B6ED9860}"=hex:5a,8d,91,51,0a,bd,50,10,8f,53,9f, f5,30,2b,0c,77,ff,72,4b,b1 "{5BCBC1EE-9722-46B5-80E0-29313D576342}"=hex:2e,9d,51,9c,00,40,81,95,a7,34,02, 25,f2,c1,fe,06,9c,8b,c2,5b "{5C078EE5-6F7E-4D0A-9D19-6C8D8EFDBDCA}"=hex:12,c3,ee,d8,70,10,03,ac,4a,e9,cc, 71,56,30,03,74,95,95,a4,83 "{5D680B11-6718-4357-9DFA-0BB2B903A319}"=hex:be,6f,2b,ce,f5,27,0b,3e,1f,7b,d8, f4,be,6b,d8,82,1e,46,e3,fb "{5D83DD38-5AF8-470E-B6FA-5C3719C4208C}"=hex:48,e5,4a,53,b5,e0,d0,70,81,b1,84, f1,7a,c7,7b,1c,ea,49,10,c9 "{5D877F39-7AD7-43A5-A427-A7F8A6E8CC96}"=hex:ba,c3,78,5b,44,e9,7d,62,39,76,2d, da,e2,3a,d2,49,1d,92,fc,3c "{5ED25DED-05B6-46A3-BB3E-D6D823761360}"=hex:7b,fd,2a,fc,25,69,12,26,d8,73,35, ab,21,6c,dc,c9,45,d7,8e,fa "{5F3766FA-225B-4BA6-8FE0-59FC17F567AD}"=hex:ac,85,aa,ba,d4,d3,43,85,97,3a,90, 29,fe,4a,1e,03,9d,fd,ae,3d "{60A67DF4-D0C5-40AC-94DD-E023C2ADA153}"=hex:b8,4f,8c,fa,8c,6a,6f,1b,c6,7a,59, fa,12,da,98,08,dd,04,0d,67 "{61C60067-2A01-4381-B828-8D57DB89BFCD}"=hex:2d,01,32,d7,23,2e,e4,e0,3c,be,c0, 14,4a,26,74,30,05,b7,34,12 "{625F8D68-007C-4F0C-8576-5F04807E3FEA}"=hex:f2,0a,d3,41,60,f3,0c,c9,55,00,18, de,cc,e9,60,43,3f,ad,95,d8 "{62C1EE74-EA17-442B-B9B0-5A695A283DCA}"=hex:b5,b9,54,15,ac,5d,c0,70,13,49,77, 93,c0,95,bf,86,12,75,d9,58 "{62ED9ED5-3100-4620-A87A-715F4102FFE2}"=hex:46,bd,fc,2d,83,9f,51,bf,f9,b2,bf, 30,e4,ad,ac,50,97,e7,d8,1a "{63399308-B7F7-4F6C-AB43-40864F90CDBA}"=hex:7c,6a,f2,99,fa,89,96,2b,ab,f3,66, e8,f0,6d,6f,62,1a,59,49,b0 "{63A0C1F7-9798-466B-B53E-A49B6F134599}"=hex:ad,f0,df,54,fb,f9,9b,3c,6b,e2,0d, 9b,f2,83,59,46,7a,cc,3d,23 "{6508327C-FD30-4BDD-A556-FEA4CBAB662F}"=hex:de,93,18,2a,f3,cc,f9,0b,1f,e9,ad, 6d,d5,a6,83,1e,7b,b9,e5,6e "{65F8B22D-77A6-48F1-B1D4-61D995A6BB6C}"=hex:87,5c,9e,55,c1,0e,64,ff,ba,e3,2f, cc,ef,ec,3f,e6,a3,46,8e,ee "{68480597-9F6A-48C8-8884-BA17C15C9795}"=hex:c9,29,4a,24,43,a7,02,41,4e,df,ba, f8,48,c9,7c,c4,32,bd,db,86 "{6A4B7020-12F4-416F-AC3C-49524C661FD5}"=hex:13,0c,20,8a,57,94,15,1a,46,5b,11, aa,03,dc,b1,6b,de,1f,40,8c "{6A991CBE-319B-4E5A-BFA5-62EFAEBB1FCE}"=hex:bb,7d,b5,89,9e,15,ad,51,05,4f,1f, b9,b8,d7,d6,c1,6a,f0,ec,85 "{6BAC5461-BFFA-42BD-9641-2C2E9472281C}"=hex:4e,93,b3,30,1c,33,20,38,d9,ec,06, 3d,5d,75,86,4e,6e,dc,51,bb "{6DA52084-5655-46C9-91C6-69F933BB196E}"=hex:cc,5c,42,3a,7c,f7,f9,bc,45,72,b0, 85,e2,e1,44,b3,8d,7f,e6,37 "{6E01A01C-00B4-4C92-9066-AD91E60AF9EE}"=hex:75,03,7f,86,a4,f0,26,1e,d4,59,6a, f3,28,59,c5,fd,8c,2c,fb,81 "{6E24629D-A6D7-45CE-9258-BE4E8CDAB0B5}"=hex:3a,f3,4a,07,81,00,86,8f,54,8a,67, f6,b8,a6,09,1e,c3,ae,b5,20 "{6F4EFADF-3752-49C5-BB90-2C9C3461FDCF}"=hex:5d,b7,74,7b,b2,cd,b9,19,78,43,e0, b0,df,55,50,d5,a4,73,8b,53 "{716BDB0B-31C1-412C-8FD5-210E96E5623A}"=hex:38,10,0a,d1,25,62,cf,61,0c,2f,fb, 14,5d,4a,20,87,28,38,ec,83 "{71F2A930-311A-40CC-8BAE-B938464A0AB5}"=hex:e8,3c,1b,90,b8,f4,97,c9,32,50,62, 7c,a2,b6,39,d7,1c,29,41,a1 "{72017083-2D15-40E1-9D60-DAF1358C3F83}"=hex:f1,a2,03,77,26,86,00,52,ee,8d,e4, a7,5e,bb,4b,59,41,c6,d0,98 "{724247D7-442E-464C-98DB-5CB195AECC7C}"=hex:fb,f9,cf,e2,30,c8,31,5e,2f,91,3e, a9,83,22,ac,02,61,38,38,a1 "{72ACEDAE-7CE6-4E4D-A1CD-7D4513DC0C59}"=hex:d3,26,69,af,b5,e7,19,91,70,08,be, 33,11,5b,eb,b0,20,d2,27,7e "{73CE72D9-0A04-442C-AAC6-F36AD0AE2F51}"=hex:cf,d2,ca,80,b7,64,a0,12,2e,03,e7, 3d,de,c2,fd,f6,96,c3,dd,d0 "{747BBAAB-4C1F-4CDE-B75C-1AC56933E86F}"=hex:53,52,05,d8,50,ae,28,96,a7,98,04, bb,ca,0c,56,69,da,a8,69,5a "{7633EBB3-27B7-4288-96EA-7DBB24D81154}"=hex:69,c6,e9,16,06,75,1b,cb,7c,7d,e5, 34,05,bd,07,6f,02,66,27,7e "{76DB4E34-35ED-48C2-9527-440869C5B3FA}"=hex:b6,12,7f,2d,a1,79,7d,ee,0b,97,e8, 8d,95,09,94,8c,da,17,3d,a4 "{78243AC7-2107-48F1-8C2D-EABE964BC542}"=hex:cd,91,1d,23,98,0c,64,d2,00,64,fa, ef,95,8b,d1,c2,c8,16,a3,db "{78277FCA-6BA6-4E9F-8ECA-A80EC0B178BD}"=hex:7f,6b,5a,fd,e4,c4,6e,e3,1f,33,46, e7,55,ba,9e,26,bc,58,52,5e "{785215AB-7A8F-4D5C-95CE-2B8A603444BF}"=hex:57,37,fd,d9,6a,9c,f9,0c,7d,b0,42, bf,22,06,83,37,6f,c9,4c,12 "{7979C22C-01BC-4AD7-AA78-26F828F0083C}"=hex:3a,32,0e,19,d2,02,8a,2e,b4,23,bc, d3,0f,97,a6,21,06,b3,5f,08 "{7A3BCA63-7C72-41CC-9A57-9C73BF2FB3E1}"=hex:b6,e1,cb,23,fc,48,c9,bd,8d,d6,50, d1,63,d4,11,90,4d,4f,28,eb "{7CD78E11-77BF-4A89-A41B-9EF1FC873F52}"=hex:6b,18,49,2a,0c,32,51,08,08,d4,a1, 66,29,dd,e4,59,4c,97,6e,c2 "{7D597137-5FB8-47C6-8897-390B2089AAF9}"=hex:e1,05,17,69,f7,bf,49,22,a3,99,d9, 1b,d0,2a,23,e1,2a,d1,95,43 "{7D86554B-9452-4A94-A7C4-1BA4F77B790A}"=hex:77,59,8e,8f,f0,38,7b,c7,44,7d,2c, 63,30,b6,d1,6f,77,9b,f7,f1 "{7E7CC10A-7EC0-4001-A4A2-801F924CC066}"=hex:66,ca,e7,f0,ff,2d,e1,8f,39,ce,fe, 17,9b,22,ec,ac,84,4b,37,2b "{7F7E3129-0B40-46EB-B827-1C79E7DF4D95}"=hex:23,2a,7b,c4,69,a8,e6,72,dd,26,d0, 97,21,f7,de,a7,a9,c2,85,d1 "{807B2CAB-7025-47A9-BFF5-C9640732B82A}"=hex:8b,ee,ce,ee,43,ed,d9,55,63,e4,d3, 51,50,6a,79,cc,56,d2,a5,f4 "{80BC1868-C875-49A8-BEDB-578BF84AB2CE}"=hex:82,d7,e3,85,81,2d,16,9d,12,e0,1e, 93,5a,3c,62,0d,5e,15,32,51 "{80DD32FB-1A21-4547-A8AA-2C464861A744}"=hex:5b,95,e4,73,52,76,b1,08,73,c8,a4, 98,45,3f,5e,30,78,c9,e2,96 "{81A8D84A-29F0-4DDE-B2ED-F9D2E4BB0296}"=hex:d4,f3,e8,1b,f9,76,de,71,be,34,ae, db,63,65,c5,8f,fd,69,cd,de "{81BF29AC-25DF-4E8C-87AF-09832E9DEB74}"=hex:9e,1a,e6,3f,9c,f7,3b,3b,2b,d0,42, b0,f2,32,c9,8f,30,40,84,37 "{82D59913-E413-4DB5-BB2A-54E066059FD9}"=hex:20,f0,d0,37,47,80,f8,d7,dd,2b,1b, 20,88,6d,4c,e3,7e,88,13,cd "{83F64BAC-BCA4-4FFF-BA90-D1252BD7B8B9}"=hex:e2,fc,d7,fa,90,be,ef,03,e9,d5,51, ef,9a,cb,fb,19,f7,2d,7c,18 "{84E83D8F-9743-4D80-A993-AFBDB9BED140}"=hex:7d,68,f5,df,a3,85,93,c9,9b,bf,56, a5,e5,18,55,f0,1d,4b,96,f5 "{85C30C8B-618C-4791-BF49-86F536DF3729}"=hex:6d,f0,00,ae,25,3a,55,3a,d1,41,30, 1b,8e,01,41,f2,83,24,78,d4 "{86A4EF20-16CC-4719-99E3-9EC41B046789}"=hex:96,3e,a5,b7,fa,31,a8,a3,52,e5,ae, af,c2,35,54,1b,7e,48,f6,36 "{87D6377C-3739-4DDA-BFAB-A0F4C3F6F1B1}"=hex:93,a2,11,c3,3a,9c,f7,c8,3b,00,83, dc,66,5f,12,79,8f,82,6d,f3 "{8A7487EA-2E17-4C32-8B13-A30C8945AA7B}"=hex:2f,80,7b,46,af,97,fe,7b,21,9d,59, bc,57,c7,a8,18,03,b6,62,ff "{8C6B590A-DD24-44AD-B3D9-44F6DA8BE5C9}"=hex:3d,af,21,ea,12,96,a7,00,a0,82,0e, 2c,ca,5e,45,3f,8f,17,d0,73 "{8D3B48A2-FE6A-47AD-BAB8-4F82F65A879A}"=hex:b9,62,58,83,a3,fe,4e,ac,8d,d6,03, 99,87,07,e7,84,cc,8f,04,a8 "{8DF174B0-6291-4019-8C1C-91D9551EBC8C}"=hex:47,07,de,62,be,de,dc,f8,af,ec,cb, fa,82,ea,1f,38,a2,34,2c,c9 "{8FC9038E-D0C4-4DE9-83E6-82FD9A1BF08F}"=hex:67,35,ad,77,ad,09,fc,0e,00,50,ee, e3,7a,ea,87,b2,d4,8e,a0,41 "{90D34CCB-9B37-4F3C-98A1-A13364F771E0}"=hex:11,a0,06,ee,35,aa,aa,16,45,41,cc, 10,bc,9d,10,c4,f5,14,35,dc "{92A7C715-EF0F-4C41-8CF2-602610A74FDC}"=hex:bd,a2,ae,1b,83,8c,30,04,9e,bd,bd, f5,19,1c,9c,1b,f7,b9,3e,8c "{931C0A9D-CBEA-42F7-A0AB-DF10CFBB7ACA}"=hex:8d,27,34,74,cf,0a,a5,1d,76,d7,33, 63,dd,69,10,60,f1,74,42,84 "{95A2AAEE-B042-42CA-B366-2BEEAAA12C93}"=hex:b9,d3,92,69,b3,c6,4b,dc,f3,c1,6c, 82,6a,b5,5a,56,42,1a,45,cc "{9D72C6B2-04CA-4622-8F2B-439B71962B35}"=hex:1f,80,03,3d,1c,66,15,d6,77,5c,48, 30,4b,21,cd,08,95,1b,34,b1 "{9EB7A0E1-2688-4FD6-B33E-9680E31570FE}"=hex:b1,70,43,d8,ea,f9,6e,10,77,7c,bb, 6a,73,b8,bf,b1,2e,20,22,9e "{9F317BEB-76BB-429F-A4B0-87B9600651AB}"=hex:1c,63,7e,10,44,55,ba,87,b5,5d,2e, c0,1d,8c,17,35,c6,6c,a6,87 "{9F4419AD-5B32-47D5-A210-2A356BD7FFB9}"=hex:c0,d9,8a,0d,a3,e4,d2,23,17,ae,27, f4,51,5f,61,17,08,22,49,3d "{A05B55B6-4868-4CD1-9A8C-61074E525FE2}"=hex:89,8a,1a,2c,85,05,df,bf,99,a4,bf, d3,1d,ff,49,f6,8f,36,c2,52 "{A0D7BD09-42B1-46FC-8D6E-B977C5C96872}"=hex:fe,ef,50,b5,81,e5,8c,6b,a8,ce,01, 7d,e1,4a,ce,db,b0,68,3a,54 "{A225ADAF-1234-46F9-8987-AF9620B88FC4}"=hex:b4,eb,05,71,76,75,13,b7,7e,f1,66, b1,7d,d3,e2,fb,18,2d,5e,83 "{A575EA76-9495-4A53-A2FD-A1AB43EF83EB}"=hex:57,7a,f4,a8,34,87,06,ae,f0,c1,8e, db,a3,18,7d,54,2e,bc,b9,bf "{A7175FDA-9B3E-45CF-B41A-13C74AC94889}"=hex:59,f3,7b,ed,c7,6c,8a,5e,83,e8,ff, f9,67,ad,5a,6c,5d,f4,62,60 "{A7252ED4-6CF7-402E-BE0A-669C27DDA1BC}"=hex:13,b8,c5,b4,86,ea,18,39,b7,34,50, ad,a0,53,31,42,12,2e,2c,5a "{A9896581-5E98-467B-98C3-1D71B4F92D5E}"=hex:96,fe,b3,b5,24,4f,14,9d,3a,07,c7, 36,e8,a1,04,a2,50,bc,31,95 "{AA7D8B1C-8062-498F-9148-0226DC26BAFA}"=hex:0b,2a,e1,bd,88,6e,5e,d4,d2,8a,ba, 62,11,02,6d,e8,cb,80,4c,0c "{ABA39F98-1B85-4510-ABCE-13ACE2CDC1CB}"=hex:88,5b,d2,7b,1e,78,71,a8,8e,7a,51, 5d,4c,bb,9f,c2,58,a1,39,86 "{ACC7BF7F-A1D5-4B7F-9309-4673F98C4BC4}"=hex:53,75,da,79,79,c6,e0,d0,0f,de,dd, 12,c2,60,57,39,5a,23,0d,0c "{AE79880C-3815-4E93-961B-D37F1764C92A}"=hex:95,aa,f1,aa,40,9c,5e,fe,df,99,d5, 7d,2c,6f,4e,7d,1f,f2,76,32 "{AE9AE176-1FF1-4777-8FFF-7D42D0D89E29}"=hex:88,21,25,d8,84,ee,f6,0c,b5,e7,ff, 3f,5c,09,d2,86,b2,58,d8,24 "{AEA30D3A-5551-4C8B-BCB8-6FAF5B84D513}"=hex:de,6b,dd,cf,9b,fc,13,b9,53,c1,f3, 38,84,16,75,56,7d,11,54,e6 "{AFF45C96-E740-4C73-84C4-C7EC7678F221}"=hex:35,78,ec,da,0c,b9,37,f1,c3,eb,9a, cb,01,cd,77,1b,2b,81,fc,46 "{B047AE6D-C6C3-4FB7-9847-11AD794F2AD0}"=hex:fc,d3,45,45,65,4a,47,58,36,e6,f6, 82,8f,0b,4f,94,bf,79,88,70 "{B176D3AF-45E4-414E-9889-61DA139D1FAC}"=hex:29,1b,50,31,33,f5,06,31,bb,af,35, 16,bf,42,44,f5,34,b2,92,76 "{B2F5A2B8-DD04-4AC7-82CF-D29142085221}"=hex:ac,38,d7,c1,6b,d9,27,12,a7,4e,c5, 5b,dc,58,50,4a,f9,9f,fa,c6 "{B5AB4E4F-58AF-4237-8E73-CB0DE8D490C0}"=hex:63,cb,82,10,50,4f,29,26,f8,04,63, e4,02,65,3f,7d,1c,b7,d0,a5 "{B7052501-4139-41FD-9353-C604AF417A41}"=hex:0f,23,41,62,d4,d8,64,41,5e,28,65, f2,b6,84,5d,34,eb,41,e0,14 "{B84A89CF-555F-47F9-8471-C804025C8B88}"=hex:a9,37,f0,43,5d,f1,08,c6,9c,ba,7d, fc,0c,b7,4c,41,2c,bd,4e,2a "{B9B088F9-BB2B-4159-AB06-AF539417A62D}"=hex:1d,9c,7a,9b,7a,6b,76,f7,13,57,cf, 8a,df,8b,70,e5,09,aa,e4,d3 "{BA0A2385-14CD-4AD8-AC94-10B961016736}"=hex:b8,9d,3d,b6,fd,9d,b3,29,65,9e,ad, 68,51,8a,ba,c0,4c,14,29,e0 "{BC11B925-292C-4E49-B70D-4EB45B8FE831}"=hex:dc,bf,7d,4e,34,1a,06,9f,97,5e,ae, af,5e,ec,0f,00,8b,95,33,5c "{BC1AF5CB-D1AF-444D-A40C-CB2EBC1903A2}"=hex:ff,0a,70,61,86,22,85,e8,bf,2a,25, d5,41,81,d8,76,42,2e,6b,0c "{BF646F1A-2EA1-4007-95B9-B68E82E4B233}"=hex:3d,2c,e9,1e,65,94,90,ab,76,69,2f, 10,d2,77,ce,95,cc,c5,70,05 "{C13A0636-546C-4528-A595-61D1213AD2B1}"=hex:b3,2b,86,5e,85,c9,c6,46,e2,dd,9f, 9e,18,ed,d0,ce,58,2a,96,04 "{C19ED00F-FC32-45EB-B37E-CAA059997789}"=hex:09,91,02,e9,c5,44,bd,0e,e7,65,be, 58,28,7a,f6,3f,c5,90,26,1d "{C5D173F1-D9F7-423B-8768-912DC609D243}"=hex:dc,4c,fc,b9,17,e8,41,da,be,21,8e, 97,41,0f,81,44,57,96,22,a3 "{C5DCFB96-EA18-4900-9CC3-A72C24E7891E}"=hex:32,33,05,56,20,c0,c4,85,a9,f2,db, da,f7,b0,92,27,4f,6f,f3,35 "{C65420C5-DAC4-404D-A3F8-D9C9C089397D}"=hex:76,63,55,92,ea,b1,70,45,5a,fa,76, 58,ef,39,d5,07,7e,ba,73,37 "{C7577F7A-DBCB-43A6-A5D7-FC0B4D1D61BB}"=hex:51,b0,06,84,73,79,98,ec,a3,b6,5d, fe,da,40,e5,3f,d8,1c,4f,35 "{C78DB350-D393-42A7-B2BA-88645118AD13}"=hex:27,a2,57,e6,65,89,97,71,49,34,91, ce,3c,9c,c0,c3,05,8b,19,84 "{CA774C18-A672-4CAD-84A7-28A28F835303}"=hex:a0,b1,fc,62,54,99,7b,4d,59,b6,f4, bf,94,79,0f,86,d5,2c,9d,ae "{CAADD581-E2A4-40AC-9C73-1C84547FFE31}"=hex:95,11,b4,2d,98,0b,8f,18,fc,3e,6f, c4,bf,74,3c,ca,08,fa,ed,f1 "{CB87A30E-DAF6-473F-880D-677226D883E7}"=hex:73,15,91,f8,18,73,b9,6b,d2,72,de, 10,88,8a,5f,a7,e3,15,b9,f2 "{CDDD4705-3F15-4113-A3DA-E50F0F1D6893}"=hex:73,98,e5,83,f3,76,a2,de,c0,05,d0, 9a,97,d5,1c,d7,3b,a5,a8,a5 "{CE6752BD-0829-4B1C-965B-F757844AF249}"=hex:32,e8,ec,c4,4e,fd,1f,c7,5c,7c,f4, 80,33,d8,ac,db,7b,c9,95,58 "{CFC73685-5CCC-4183-8183-E0B1FEF6E6B9}"=hex:e7,97,c3,d3,72,08,ad,9b,8e,7c,3a, 7f,bd,a3,1d,62,e2,5f,45,1e "{D2B140F1-5D61-4B10-8497-F0D54BA599E1}"=hex:22,e7,05,ed,e9,bc,ec,2a,ee,13,7a, fe,f0,2a,5d,fa,bc,19,df,09 "{D3030B54-2628-40D4-A317-15B1FB4918FD}"=hex:79,ba,f8,1b,81,af,84,c8,79,6c,ce, e1,30,e1,ae,c2,6e,65,2b,e4 "{D3986B5F-C56F-472C-BD32-008D00AC500D}"=hex:c2,06,fc,fb,6e,44,2d,7f,eb,c9,c4, d1,41,fb,e7,9f,2e,78,eb,77 "{D452B72C-A367-4246-80E3-2F8425D704B4}"=hex:33,1e,8d,1f,99,15,05,0f,cf,7d,7b, 41,86,81,6a,59,18,50,9a,c8 "{D4D7CA3E-9110-48BA-B96D-25D842090FCD}"=hex:74,b9,f5,24,ba,9b,67,fc,b1,16,e3, 34,00,a4,7f,d9,9e,22,b8,a8 "{D5C51132-2461-49FD-8D51-CEF83B35A89F}"=hex:91,6a,ae,00,2c,b6,34,45,e5,d5,f4, a8,a7,6e,da,37,8b,a5,e4,da "{D5DE9A21-BE9F-429B-ABC2-1349BA94028F}"=hex:36,e3,69,75,4c,83,0f,0a,50,71,d8, 10,b7,00,47,58,d7,28,2e,0d "{D5E4EB26-7205-4DCD-B049-BBC1077EB64F}"=hex:52,6f,4d,5c,3b,3b,8f,b6,71,9c,37, cc,80,9c,a2,72,80,04,5e,a2 "{D6DFE142-10EA-4095-AAD7-9BF42D6AE7D1}"=hex:cc,d5,f4,fc,8d,ea,c3,55,4c,c4,ac, 0c,9e,22,21,3b,81,c7,be,9d "{D70B5074-3255-4424-9FCE-DB811F2D066A}"=hex:a3,dc,92,e3,ad,ce,bc,50,23,e8,49, 2a,65,7f,88,d5,87,75,4a,e0 "{D710C5C5-6705-4729-9568-5440A251A2C7}"=hex:46,cd,e5,c7,40,a6,a9,e8,e6,8d,9f, 19,19,24,d7,75,9b,c8,07,7a "{D730F90A-8586-401A-A75D-12ABB3EDFDBF}"=hex:f0,21,67,34,59,b5,7b,80,70,e0,39, 6f,c2,b5,ac,f0,4f,d2,64,c4 "{D82E64E5-0B95-43AB-851F-EDDE0D135C64}"=hex:ef,8f,ac,40,47,1f,95,ec,91,c2,d5, 73,94,0b,cf,95,04,18,40,32 "{D84C2E30-A7A3-4EEC-89C8-F0611DFFC7BC}"=hex:7c,ea,7c,f2,63,25,23,dd,04,c4,40, c6,e3,e1,54,f5,35,78,bd,e1 "{D999EB41-612E-4CEB-B311-92745750C591}"=hex:9d,2b,23,d4,12,7e,84,1d,77,7e,88, 4a,77,85,4e,5f,2a,02,75,1b "{D9B28751-1B0E-4235-BAFE-F6A77D88C26A}"=hex:dd,da,48,38,fe,11,c4,93,87,a7,36, cc,52,2f,79,3d,f2,c7,08,3d "{DC049269-9C02-4A1E-AE79-66C2BFFE31CA}"=hex:1d,bf,e9,b2,3a,15,20,f7,97,19,ee, 7e,9b,ef,a1,6d,92,08,15,91 "{DCAB3E69-A4D5-4A91-9E35-E425E3A38E70}"=hex:dd,0d,2b,dd,68,01,ef,15,58,db,39, 39,e4,87,51,28,e4,4d,7b,ea "{DCB935BC-488E-4420-8936-85B1C720DD02}"=hex:7e,76,e7,b2,4d,7a,40,b6,ae,bf,46, b5,73,46,d2,63,28,d1,8e,bd "{DD30F56F-BAD5-47BC-8641-97225F06BD38}"=hex:f2,82,ab,2e,c1,23,58,81,6c,df,96, 5d,c5,26,ea,32,d6,d7,6a,dd "{DFDBD256-8E09-46DA-B669-564693ED396D}"=hex:e3,97,54,52,d8,38,3a,f0,25,cb,81, c9,3e,e9,c2,dc,b2,c6,53,e6 "{E15C8B96-AF40-4E16-869E-F50F1DB33630}"=hex:16,0f,5a,4d,08,b6,bc,ba,9f,ba,5a, 37,b9,a5,60,96,ac,c2,5f,36 "{E15CD977-E3C4-48DC-B673-803227B19B91}"=hex:44,30,a5,c8,ee,3a,af,28,e0,53,2d, 5d,4d,c3,3b,0d,a6,ea,6b,16 "{E2F2735A-AEDB-4F0A-B831-A8626D208B81}"=hex:bb,41,33,36,bc,ee,80,59,c2,76,93, 43,73,0f,e5,4c,18,0f,ca,3a "{E3BC8B6B-9338-4304-9364-4E0380205FBD}"=hex:ee,b0,9d,aa,99,46,65,d5,bf,7a,ea, 24,bf,14,66,70,0b,7f,54,21 "{E3DB23E9-E74A-478A-B7BA-FC123FC6A5E5}"=hex:29,b4,45,5a,1e,b7,01,24,be,86,bc, f0,9e,b9,2e,57,78,86,5a,69 "{E52C148B-62EB-4223-A8EB-DE7C9A3F4D3A}"=hex:7c,59,57,fa,e5,e3,c2,64,94,3b,16, 60,12,09,58,09,4e,fa,a2,bc "{E5C8BEB8-DB11-472A-9CFA-0447FC3825CC}"=hex:7e,d2,5e,e3,e8,8b,ac,87,d2,53,3b, 9b,98,69,51,43,6c,77,f5,30 "{E747770B-E433-4106-AE5D-1D35FF6D0EBA}"=hex:e5,07,e5,cb,8f,44,20,b1,63,60,05, 82,d2,46,a3,5a,35,4e,6f,a8 "{E819B318-2B41-4F71-9A86-65FF36076315}"=hex:0d,6e,38,eb,ab,33,39,e5,21,23,d4, ab,16,dc,ab,cb,6b,cc,c5,7a "{E84EB40A-F49D-418A-91F8-7410BD6CA13A}"=hex:6f,b6,a1,bf,30,ac,fa,6b,d7,f8,9d, 18,3b,3d,74,9c,f8,82,02,cc "{EC67F8B3-33B5-4A8B-8F2E-B3F78ED77588}"=hex:b6,ff,60,b2,09,91,be,f6,35,17,a4, 2e,cb,b4,7c,4c,3b,92,67,7f "{EEB9DAF7-AD59-4C75-B720-5A687821BD0B}"=hex:fb,2d,03,db,be,f2,c5,88,78,42,13, 63,84,6b,f9,d4,ab,49,3f,50 "{F00DE2F2-0FA8-4CBE-A650-C459BCA04591}"=hex:0f,cc,f1,10,9d,1b,74,56,6f,6c,0d, ef,a3,21,93,1b,81,e8,bd,0d "{F1C354EA-CCCF-4BBA-A636-66D9E4EBF8DE}"=hex:ab,9f,1c,e4,ce,ff,bc,1f,14,9d,cf, 11,59,c5,e5,11,a9,30,27,fb "{F27A64AF-0576-4A31-B4FF-FA9CF6B4065F}"=hex:29,46,b8,06,13,31,6f,12,93,36,68, 06,0f,9a,08,da,b9,68,d7,34 "{F3A21EFE-B4A3-4EBD-8FDC-3F9DF80AA69C}"=hex:2b,5c,e3,bc,55,c2,e4,4c,1d,ca,d7, f3,44,9b,03,3b,6e,70,9c,88 "{F3ADE56E-5328-4C8C-9CC3-57DEC434E49D}"=hex:fb,8f,48,52,21,19,03,fd,eb,83,9d, 55,b9,3b,8f,03,5d,ad,3c,65 "{F411A85F-E865-4146-8484-EA04FE342CCC}"=hex:c5,12,3b,6c,52,a5,f3,7c,e4,db,dd, e6,46,66,c9,c8,70,5e,bc,f1 "{F4C38EDE-6982-4426-80C7-018C6797C354}"=hex:a7,b7,3b,32,f5,1e,60,aa,cb,31,a8, 42,3a,92,d2,b1,39,fc,30,02 "{F50CE5F3-9C50-4E4E-90A7-F9F98358AEE1}"=hex:88,3d,93,38,2d,b7,be,2c,9b,75,8b, 9d,f5,f7,c4,d4,d8,73,e4,b1 "{F6FE5646-BBBF-4E60-8D56-D67BBADB917F}"=hex:08,0f,94,0b,21,59,cf,bd,f6,cc,5e, a8,84,65,0d,69,f7,43,0e,02 "{F7CC98E0-A024-45C4-AADB-7BB206D6D87C}"=hex:be,2b,f5,a8,e3,c4,d4,3f,b8,fb,2f, f1,ea,d3,37,33,8a,ec,56,08 "{F9C499B6-EF69-41A6-A6BF-A3098B847BED}"=hex:35,43,58,30,df,e4,52,2a,f2,87,66, 8f,a6,0e,42,e0,32,5c,38,3a "{FA33EDD9-50B1-4BDF-B39E-14B51E400C35}"=hex:0f,5a,64,c7,e2,85,46,83,c6,1c,3f, 1e,49,3a,4b,80,d1,55,26,06 "{FE69D147-8830-44E9-90B1-1A874E707C7C}"=hex:68,50,a0,09,d2,55,2b,2b,47,97,39, 7b,47,46,5a,c0,87,9f,93,2b "{FEFAC903-1B72-41F8-9419-567C099752C4}"=hex:aa,0c,05,6b,88,fa,33,ea,19,f3,ab, 17,54,a6,e3,d1,f3,66,5a,5b "{FF21F171-B840-4A9F-BD1B-D6C62ABC447E}"=hex:5e,6d,5a,23,10,cd,79,3d,a0,28,52, c7,0c,f8,b4,91,b0,99,75,e4 "{FF647081-027A-4978-94AA-8578520FD29C}"=hex:6e,73,c2,58,81,f9,41,54,b3,a5,16, 27,51,92,35,53,1a,24,bd,d8 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\Symantec Shared\ccSetMgr.exe c:\program files (x86)\Creative\Shared Files\CTDevSrv.exe c:\program files (x86)\Common Files\Nuance\dgnsvc.exe c:\windows\SysWOW64\F5InstallerService.exe c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Pocket Watch, LLC\ActivePrint System\ActivePrintSystem.exe c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe . ************************************************************************** . Completion time: 2012-07-25 13:20:16 - machine was rebooted ComboFix-quarantined-files.txt 2012-07-25 20:20 . Pre-Run: 54,474,784,768 bytes free Post-Run: 54,447,665,152 bytes free . - - End Of File - - F9EFA26D8BC0E9708D669758401A81A1

I can't get ComboFix to do anything on my machine....

here is the MBAM log But ComboFix won't run on my computer for some reason. It hangs and hangs and then the dialogue box just disappears: Malwarebytes Anti-Malware (Trial) 1.62.0.1300 www.malwarebytes.org Database version: v2012.07.25.03 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 8.0.6001.19272 User :: USER-PC [administrator] Protection: Disabled 7/25/2012 9:39:43 AM mbam-log-2012-07-25 (09-47-41).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 249058 Time elapsed: 5 minute(s), 10 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Windows\Installer\{8c48dcd0-0738-fe1a-a270-72328b18f57a}\U\00000008.@ (Trojan.Dropper.BCMiner) -> No action taken. (end)

It looks like I am infected. Can't figure out how to get rid of this thing. I followed the instructions you gave to another person who has this same virus, but when I hit F8 and got to the Advanced Boot Options, there was no option for "Repair Your Computer". I am running Vista 64 bit, by the way. Here are the logs . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.6001.19272 BrowserJavaVersion: 1.6.0_26 Run by User at 8:56:50 on 2012-07-25 SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html uInternet Settings,ProxyOverride = *.local uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe uRun: [{6CE6B062-EF6C-465c-AF36-96C67DAD3B65}] "C:\Program Files (x86)\Pocket Watch, LLC\ActivePrint System\ActivePrintSystem.exe" uRun: [softAuto.exe] "C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe" uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN1B21R23Y05KF:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler uRun: [ALconnect] C:\Users\User\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe" mRun: [KnexStarter] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe mRun: [RunTasktray] "C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe" --regkeypath=Software\Hewlett-Packard\HP Easy Printer Care\HPPRun --valuename=InstallTTM mRun: [AddressBookReminderApp] C:\Program Files (x86)\Nova Development\Print Artist Platinum\ReminderApp.exe mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [AgentMonitor] "C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [iXL_MiddleWare] C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray dRunOnce: [RunNarrator] Narrator.exe StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\system32\RunDll32.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECURI~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.119\SSScheduler.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-explorer: <NO NAME> = mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll LSP: mswsock.dll Trusted Zone: intuit.com\ttlc Trusted Zone: rhapsody.com\rhap-app-4-0 Trusted Zone: rhapsody.com\rhapreg Trusted Zone: weightwatchers.com\connections Trusted Zone: weightwatchers.com\portal.field Trusted Zone: hp.com DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java DPF: Yahoo! Pool 2 - hxxp://download2.games.yahoo.com/games/clients/y/poti_x.cab DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5certchk.cab DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {16F67783-7E72-4C39-99C4-4780A8335484} - hxxp://www.syncmyride.com/Own/Modules/UpdateCenter/applets/sync.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/cachecleaner.cab DPF: {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} - hxxps://mail.shortlawgroup.com/Remote/BuiltIns/FS/Wssg.Web.FileAccess.RichUpload.cab DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxvpn.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} - hxxp://zone.msn.com/bingame/rtlw/default/ReflexiveWebGameLoader.cab DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5tunsrv.cab DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/InstallerControl.cab DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5InspectionHost.cab DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/msrdp.cab DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/vdeskctrl.cab DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/chnz/default/mjolauncher.cab DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} - hxxp://community.weightwatchers.com/Scripts/ImageUploader6.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} - hxxp://zone.msn.com/bingame/zpagames/zpa_txhe.cab55579.cab DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38459.8818865741 DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxshost.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxhost.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} - hxxps://connections.weightwatchers.com/policy/download_binary.php/win32/f5syschk.cab#Version=6031,2010,1005,1351 DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - hxxp://download.abacast.com/download/files/abasetup162.cab DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{18E96790-F4ED-47FA-9D44-304EBA60CD52} : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll Handler: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll Handler: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll Handler: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll Handler: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - C:\WINDOWS\Program Files\SUPERAntiSpyware\SASSEH.DLL BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO-X64: 0x1 - No File BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO-X64: HP Print Enhancer - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO-X64: Ask Toolbar BHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe" mRun-x64: [KnexStarter] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe mRun-x64: [RunTasktray] "C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe" --regkeypath=Software\Hewlett-Packard\HP Easy Printer Care\HPPRun --valuename=InstallTTM mRun-x64: [AddressBookReminderApp] C:\Program Files (x86)\Nova Development\Print Artist Platinum\ReminderApp.exe mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [AgentMonitor] "C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [iXL_MiddleWare] C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe mRun-x64: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray IE-X64: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe SSODL-X64: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll SEH-X64: SABShellExecuteHook Class: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\WINDOWS\Program Files\SUPERAntiSpyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e248sa1j.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-59ef45ad660c45f5\NPRobloxProxy.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\IGN\Download Manager\npfpdlm.dll FF - plugin: C:\Program Files\REAL\RealPlayer\Netscape6\nppl3260.dll FF - plugin: C:\Program Files\REAL\RealPlayer\Netscape6\nprjplug.dll FF - plugin: C:\Program Files\REAL\RealPlayer\Netscape6\nprpjplug.dll FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e248sa1j.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}\plugins\NPuroamHost.dll FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\NPAbacheck.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false . ============= SERVICES / DRIVERS =============== . . =============== File Associations =============== . JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* . =============== Created Last 30 ================ . 2012-07-25 15:48:56 -------- d-sh--w- C:\found.001 2012-07-24 05:11:18 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-07-24 05:11:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-07-22 23:35:14 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA% 2012-07-22 05:21:36 -------- d-sh--w- C:\$RECYCLE.BIN 2012-07-21 22:06:31 -------- d-----w- C:\TDSSKiller_Quarantine 2012-07-20 08:40:40 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{82C72DEA-BF80-4495-A16A-BD314554EB4A}\mpengine.dll 2012-07-02 23:00:38 -------- dc-h--w- C:\Users\User\AppData\Local\{E8D024FE-9C03-4ECF-B3CA-FB58783D91C2} 2012-07-02 23:00:37 -------- d-----w- C:\Users\User\AppData\Roaming\DirectLife 2012-07-02 23:00:11 -------- d-----w- C:\Users\User\AppData\Local\PackageAware 2012-07-01 02:12:24 -------- d-----w- C:\Users\User\AppData\Local\Macromedia . ==================== Find3M ==================== . 2012-07-13 06:12:08 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-13 06:12:08 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-31 19:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-05-15 20:15:08 2767360 ----a-w- C:\Windows\System32\win32k.sys 2012-05-15 06:37:49 916992 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-15 06:32:25 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2012-05-15 06:32:00 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-05-15 06:31:44 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2012-05-15 06:31:43 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll 2012-05-15 05:01:56 385024 ----a-w- C:\Windows\SysWow64\html.iec 2012-05-15 03:26:05 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-05-15 03:23:41 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-05-15 02:19:57 1147392 ----a-w- C:\Windows\System32\wininet.dll 2012-05-15 02:15:14 56832 ----a-w- C:\Windows\System32\licmgr10.dll 2012-05-15 02:14:53 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-05-15 02:14:26 77312 ----a-w- C:\Windows\System32\iesetup.dll 2012-05-15 02:14:26 132096 ----a-w- C:\Windows\System32\iesysprep.dll 2012-05-15 01:21:55 479232 ----a-w- C:\Windows\System32\html.iec 2012-05-15 00:40:32 162816 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-05-15 00:39:13 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-05-01 14:29:44 209920 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2003-08-27 22:19:18 36963 ----a-r- C:\Program Files (x86)\Common Files\SM1updtr.dll . ============= FINISH: 8:59:14.16 =============== AND THE ATTACH LOG: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . . ==== Disk Partitions ========================= . . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . . 2x1/4x1 USB Peripheral Switch Abacast Client ABBYY FineReader 9.0 Sprint ActiveLink Connect ActivePrint System Adobe Acrobat 5.0 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) Adobe® Photoshop® Album Starter Edition 3.0 Adobe® Photoshop® Album Starter Edition 3.0.1 AIM 7 AiO_Scan AIOMinimal AiOSoftware Alphabet Express AMD USB Filter Driver American Greetings CreataCard AOL Uninstaller (Choose which Products to Remove) Apple Application Support Apple Software Update ArcSoft PhotoImpression 5 ArcSoft Software Suite ArcSoft VideoImpression 2 Ask Toolbar AVS DVDMenu Editor 1.0.0.5 AVS Video Tools 5.5 Bing Bar BizArt Blasterball 2 Blasterball Wild bpd_scan Brother MFL-Pro Suite ByteRun Editor for PHP 1.1 Demo Canon iP5200 Canon MF Toolbox 4.9.1.1.mf01 Canon MF6500 Series Canon Utilities Easy-PhotoPrint Catalyst Control Center InstallProxy CCleaner (remove only) Content Transfer Copy Core Communication Components Creative Centrale Creative Jukebox Driver Creative Removable Disk Manager Creative Software Update Creative System Information Creative Zen Micro Creative ZEN X-Fi User's Guide Creative ZEN X-Fi Video Converter CreativeProjects CreativeProjectsTemplates CueTour D3DX10 Dark Orbit Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Destination Component Destinations Device Data Communication Components DeviceDiscovery Director Disney's Lilo and Stitch Pinball DocMgr DocProc DocumentViewer Download Updater (AOL LLC) Dragon NaturallySpeaking 11 Easy-WebPrint Easy CD & DVD Creator 6 Easy DVD Clone Easy DVD Rip Events Communication Components ExamView Pro F5 Networks VPN Client for Windows Fax Fisher-Price Computer Cool School Fisher-Price iXL Computer Software FTP Commander Google Chrome Google Earth Plug-in Google Update Helper GoToMyPC GPBaseService2 Hewlett-Packard ACLM.NET v1.1.0.0 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) hp center HP Digital Imaging Album Printing 1.0 HP Easy Printer Care HP FWUpdateEDO2 HP Image Zone 4.2 HP Image Zone Express HP Instant Support hp LaserJet 1000 HP Officejet Pro 8600 Help HP Printer Settings Tools HP Printer Usage Report HP Product Detection HP PSC & OfficeJet 3.0 HP Software Update HP Update hpmdtab HPProductAssistant HPSSupply HPSystemDiagnostics I.R.I.S. OCR IGN Download Manager 2.2.2 Inactive HP Printer Drivers (Remove only) Indeo® Software InstantShare InstantShareAlert Intellisync® for Yahoo! InterVideo WinDVD 4 Java Auto Updater Java 6 Update 26 Junk Mail filter update JustRegistry v3.5 LeapFrog Connect LeapFrog Leapster Explorer Plugin LeapFrog My Pals Plugin Learning Lodge Navigator LightScribe 1.4.62.1 Linksys Wireless-G Print Server Logitech Print Service Logitech QuickCam Logitech VideoCall Logitech® Camera Driver MagicTunePremium Malwarebytes Anti-Malware version 1.62.0.1300 McAfee UnInstaller Memories Disc Creator 2.0 Mesh Runtime Messenger Companion Microsoft .NET Framework (English) Microsoft .NET Framework (English) v1.0.3705 Microsoft .NET Framework 1.0 Hotfix (KB928367) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft FrontPage 2000 Microsoft IntelliPoint 6.3 Microsoft IntelliType Pro 6.3 Microsoft Money 2005 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Business 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2003 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Web Publishing Wizard 1.52 Move Networks Media Player for Internet Explorer Mozilla Firefox 13.0.1 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird (2.0.0.12) MPM MSN Toolbar MSVCRT MSVCRT_amd64 MSVCSetup MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6 Service Pack 2 (KB973686) MTI for Windows 7.01 Multiple Image Resizer .NET MyDVD myfantasyleague.com Game Day 2011 Namo WebBoard Namo WebCanvas Namo WebEditor 6 Namo WebUtilities Namu6 Nero Suite NetGear PS121v2 NVIDIA Display Driver NWZ-E350 WALKMAN Guide Octoshape add-in for Adobe Flash Player OmniPage SE 2.0 OpenOffice.org 2.0 Operating System Communication Components Outlook Express Backup Wizard version 1.1 Overland PaperPort PCmover Professional Pencil-Pal Preschool Photo Toolkit 1.7 PhotoGallery PHP 5.2.4 Presto! PageManager 6.03 Print Artist Platinum 23 PrintScreen Prospect Finder 7.0 Prospect Manager 7.0 Prospect Verifier 7.0 Python 2.2 combined Win32 extensions QFolder Quicken 2003 New User Edition QuickProjects QuickTime Readiris Pro 12 Readme RealPlayer Realtek 8136 8168 8169 Ethernet Driver RecordNow RecordNow Update Manager Rhapsody Ricochet Roblox S3Display S3Gamma2 S3Info2 S3Overlay Saint Paint Studio SAMSUNG PC Share Manager Samsung_MonSetup Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition SecurityScan Segoe UI Shockwave SHOUTcast DNAS (remove only) SHOUTcast Source DSP 1.9.0 (remove only) Simple Backup for My Pictures Simple Installer - Multilanguage Version SkinsHP1 SkinsHP2 Skyhook Wireless Wi-Fi Driver SmartFTP Client SmartWebPrinting Snowboard Extreme SolutionCenter Sound Blaster Space Rocks Spybot - Search & Destroy Status SUPERAntiSpyware Free Edition SureThing CD Labeler 4 SE The 80's Game (remove only) TrayApp TurboTax 2010 TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 woriper TurboTax 2010 wrapper TurboTax Deluxe 2005 TurboTax Deluxe Deduction Maximizer 2006 TurboTax ItsDeductible 2004 TurboTax ItsDeductible 2005 TurboTax ItsDeductible 2006 UninstallAbility Unload Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin) Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) VGA USB Camera Virtual Warfare Visual C++ 8.0 Runtime Setup Package (x64) VoiceOver Kit VTech Download Agent Library Web Photo Album 0.9 Beta WebFldrs XP WexTech AnswerWorks Winamp (remove only) Windows Genuine Advantage v1.3.0254.0 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Format 11 runtime Windows Media Player 11 WinPcap 3.0 WinRAR archiver Wonder Words WordPerfect Productivity Pack XviD & MP3 Codec Pack (remove only) XviD MPEG-4 Video Codec Yahoo! Install Manager Yahoo! Internet Mail Yahoo! Search Protection Yahoo! Software Update Yahoo! Toolbar ZENcast Organizer . ==== End Of File =========================== Thanks in advance for your help. R Attach.txt DDS.txt