Jump to content

SickAndTired

Honorary Members
  • Posts

    79
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I just ran into this very problem. I'm running XP SP3. Got a notification that a Java update was needed. I allowed it to update. I UNchecked for the added crap they wanted to install (McAfee) and when it finished the install it said it 'updated successfully'. I clicked OK and got the "GetDefaultBrowserError:2" message. No codes on the error message, not even a title - just a plain white message box with that message. I am running the latest FF version and it is set as my default as well. I have had plenty of run-ins with Java in the past and can say it is my least favorite updates to do. I went to verify if the version was correct and working and it tells me this: Verified Java Version Congratulations!You have the recommended Java installed (Version 7 Update 25). So looks like I am okay, but I will still keep an eye on this post.
  2. Great! Looks like I have nothing to worry about then. Thank you very much for your time, David.
  3. I got all the exact messages as was shown in those screenshots on that thread. S, just to be sure ... you are telling me I do "not" need to install this update and I can hide it once again? I will be happy not to have to fuss with it further. I can't stay in here tonight so will check back in tomorrow.
  4. Hi David. Yes, exactly as far as I can tell. I cannot try those steps right now but will give them a go this evening when I have free time. Thanks, I will get back with you. OH, if I may ask ... is it possible/okay even, to apply an older update with all the newer ones on there now? Thx
  5. Hello. No malware problem but am curious about this issue (if it is one). Thanks. Security Update Net Framework 1.1 SP1 Fails and reprompts constantly even though I have the latest versions installed. I had tried to install this in the past and it failed so I hid it so it would stop prompting me and I just remembered about it. I have many versions installed, up to Net Framework 3.5 SP1 as well as Net Framework 4 Client Profile. All of them include many more updates under each seperate listing. 1.1 SP1 is not in the list. Not sure why it never installed originally. Is it safe to ignore it and keep it hidden in updates?
  6. Done. Rebooted. All is gone and system seems to be running just fine. It has even been starting/rebooting faster since all that restore history is gone. Thank you!
  7. Maybe not running ... I might have looked at a different one on that, sorry.
  8. Well, when I tried to close out the txt file my computer rebooted. It reloaded fine, so far as I can tell. I went to program files - gone. I went into the registry and it is still there and shows it is running! Here are screenshots (edited) of those folders:
  9. Here are the results: ========== OTL ========== Process SASCore.exe killed successfully! Service !SASCORE stopped successfully! Service !SASCORE deleted successfully! C:\Program Files\SUPERAntiSpyware\SASCore.exe moved successfully. Service PCIDump stopped successfully! Service PCIDump deleted successfully! Service SASDIFSV stopped successfully! Service SASDIFSV deleted successfully! C:\Program Files\SUPERAntiSpyware\sasdifsv.sys moved successfully. Service SASKUTIL stopped successfully! Service SASKUTIL deleted successfully! C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS moved successfully. Registry value HKEY_USERS\S-1-5-21-1500982738-3618749481-1802049845-1007\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress deleted successfully. Registry value HKEY_USERS\S-1-5-21-1500982738-3618749481-1802049845-1007\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware deleted successfully. C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE moved successfully. Registry value HKEY_USERS\S-1-5-21-1500982738-3618749481-1802049845-1011\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\ deleted successfully. C:\Program Files\SUPERAntiSpyware\SASSEH.DLL moved successfully. C:\Documents and Settings\~Debb~\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS folder moved successfully. C:\Documents and Settings\~Debb~\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine folder moved successfully. C:\Documents and Settings\~Debb~\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs folder moved successfully. C:\Documents and Settings\~Debb~\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs folder moved successfully. C:\Documents and Settings\~Debb~\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware folder moved successfully. C:\Documents and Settings\~Debb~\Application Data\SUPERAntiSpyware.com folder moved successfully. C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware folder moved successfully. C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS folder moved successfully. C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware folder moved successfully. C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com folder moved successfully. C:\Program Files\SUPERAntiSpyware\Plugins folder moved successfully. C:\Program Files\SUPERAntiSpyware\Language folder moved successfully. C:\Program Files\SUPERAntiSpyware folder moved successfully. C:\Documents and Settings\All Users\Application Data\SUPERSetup folder moved successfully. OTL by OldTimer - Version 3.2.69.0 log created on 12132012_124012
  10. OTL.txt: OTL logfile created on: 12/13/2012 10:46:54 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\~Debb~\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.25 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 70.55% Memory free 5.08 Gb Paging File | 4.33 Gb Available in Paging File | 85.18% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 927.21 Gb Total Space | 894.66 Gb Free Space | 96.49% Space Free | Partition Type: NTFS Drive D: | 4.29 Gb Total Space | 1.74 Gb Free Space | 40.50% Space Free | Partition Type: FAT32 Drive N: | 465.75 Gb Total Space | 259.50 Gb Free Space | 55.72% Space Free | Partition Type: NTFS Computer Name: XXXXX | User Name: ~Debb~ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/12/13 10:46:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\~Debb~\Desktop\OTL.exe PRC - [2012/11/29 03:27:34 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012/11/01 17:46:40 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012/09/29 18:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/09/23 09:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2012/09/12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2012/06/26 10:17:26 | 000,108,032 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe PRC - [2011/11/12 00:28:01 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe PRC - [2010/08/23 16:42:22 | 000,196,608 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS PRC - [2009/07/20 11:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2009/07/20 11:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe PRC - [2009/07/10 11:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe PRC - [2008/06/25 12:02:28 | 000,069,632 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe PRC - [2008/06/21 17:01:32 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe PRC - [2008/05/21 16:56:52 | 001,122,304 | ---- | M] () -- C:\Program Files\CalendarPal\CalendarPal.exe PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/10/30 18:52:34 | 000,016,200 | ---- | M] () -- C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe PRC - [2007/06/05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe PRC - [2007/02/09 11:17:30 | 000,694,008 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\Floater.exe PRC - [2007/02/09 11:17:26 | 000,694,008 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe PRC - [2006/12/12 09:46:54 | 000,020,480 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\Ctxfihlp.exe PRC - [2006/12/12 09:46:52 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exe PRC - [2006/12/12 09:43:58 | 000,842,240 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTxfispi.exe PRC - [2006/11/29 21:37:20 | 000,561,213 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2006/11/29 21:35:42 | 001,396,820 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2006/11/16 18:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006/11/16 17:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2005/12/09 20:44:40 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\readericon45G.exe PRC - [2005/10/12 18:16:06 | 000,172,032 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe PRC - [2005/10/05 11:00:44 | 000,053,248 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe PRC - [2005/10/05 11:00:06 | 000,065,536 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\servicestub.exe PRC - [2005/03/09 12:29:58 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2005/03/09 12:29:44 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2004/03/02 22:24:50 | 005,576,704 | ---- | M] (Chicony) -- C:\WINDOWS\CNYHKey.exe ========== Modules (No Company Name) ========== MOD - [2012/11/29 03:27:37 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012/07/17 15:02:20 | 000,970,240 | ---- | M] () -- C:\Documents and Settings\~Debb~\Application Data\Mozilla\Firefox\Profiles\6iegk1ue.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll MOD - [2011/11/12 00:28:01 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe MOD - [2011/11/03 10:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll MOD - [2011/10/14 17:38:00 | 000,456,192 | ---- | M] () -- C:\WINDOWS\system32\encdec.dll MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll MOD - [2009/07/20 11:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll MOD - [2008/06/25 12:02:28 | 000,069,632 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe MOD - [2008/05/21 16:56:52 | 001,122,304 | ---- | M] () -- C:\Program Files\CalendarPal\CalendarPal.exe MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2007/10/30 18:52:34 | 000,016,200 | ---- | M] () -- C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe MOD - [2007/06/05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe MOD - [2007/02/09 11:17:30 | 000,694,008 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\Floater.exe MOD - [2007/02/09 11:17:26 | 000,694,008 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe MOD - [2007/02/09 11:16:08 | 000,245,760 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\Winphook.dll MOD - [2005/10/29 22:31:08 | 000,003,072 | ---- | M] () -- C:\WINDOWS\CTXFIRES.DLL MOD - [2005/10/05 11:00:44 | 000,053,248 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe MOD - [2005/10/05 11:00:06 | 000,094,208 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\libwidcommc-2.dll MOD - [2005/10/05 11:00:06 | 000,069,632 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\shellexecutehook.dll MOD - [2005/10/05 11:00:06 | 000,065,536 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\servicestub.exe MOD - [2005/10/05 11:00:06 | 000,049,152 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\pybluetooth.pyd MOD - [2005/10/05 11:00:06 | 000,045,056 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\libbluetooth.dll MOD - [2005/10/05 11:00:06 | 000,028,672 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\pywidcommc.pyd MOD - [2005/10/05 11:00:06 | 000,015,360 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\libwidcommc.dll MOD - [2005/10/05 11:00:06 | 000,011,776 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\pyvspdxp.pyd MOD - [2005/08/05 23:01:54 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\VBICodec.ax MOD - [2005/08/05 22:06:50 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax MOD - [2005/02/23 15:27:06 | 000,307,200 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\pythoncom23.dll MOD - [2005/02/23 15:27:06 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\pywintypes23.dll MOD - [2004/04/26 12:21:08 | 000,040,960 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\dde.pyd MOD - [2004/04/26 12:20:58 | 000,659,456 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\win32ui.pyd MOD - [2004/04/26 12:20:34 | 000,094,208 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\shell.pyd MOD - [2004/04/26 12:19:22 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\win32gui.pyd MOD - [2004/04/26 12:19:16 | 000,057,344 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\win32security.pyd MOD - [2004/04/26 12:19:14 | 000,036,864 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\win32process.pyd MOD - [2004/04/26 12:19:12 | 000,028,672 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\win32pdh.pyd MOD - [2004/04/26 12:19:12 | 000,024,576 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\win32pipe.pyd MOD - [2004/04/26 12:19:00 | 000,073,728 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\win32file.pyd MOD - [2004/04/26 12:19:00 | 000,024,576 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\win32event.pyd MOD - [2004/04/26 12:18:58 | 000,069,632 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\win32api.pyd MOD - [2003/12/18 20:30:20 | 000,061,503 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\zlib.pyd MOD - [2003/12/18 20:29:36 | 000,036,864 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\_winreg.pyd MOD - [2003/12/18 20:28:10 | 000,135,234 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\pyexpat.pyd MOD - [2003/12/18 20:26:04 | 000,495,616 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\_ssl.pyd MOD - [2003/12/18 20:25:42 | 000,057,407 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\_sre.pyd MOD - [2003/12/18 20:25:18 | 000,049,218 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\_socket.pyd MOD - [2003/12/08 05:36:28 | 000,049,152 | ---- | M] () -- C:\WINDOWS\CNYUSB.dll MOD - [2003/10/01 12:41:58 | 000,196,608 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\htmlc.pyd MOD - [2003/10/01 12:41:56 | 002,240,512 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\wxc.pyd MOD - [2003/10/01 10:48:44 | 003,416,064 | ---- | M] () -- C:\Program Files\Logitech\Easy Synchronization\wxmsw24uh.dll MOD - [2002/09/26 05:07:02 | 000,005,120 | ---- | M] () -- C:\WINDOWS\HKCYDLL.dll ========== Services (SafeList) ========== SRV - [2012/12/11 17:04:15 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/11/01 17:46:40 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/09/23 09:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012/09/12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE) SRV - [2011/11/12 00:28:01 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess) SRV - [2010/08/23 16:42:22 | 000,196,608 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL) SRV - [2009/07/20 11:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2008/06/25 12:02:28 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC) SRV - [2008/06/21 17:01:32 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService) SRV - [2008/01/29 15:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist) SRV - [2007/06/05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing) SRV - [2005/12/12 18:32:32 | 000,053,248 | ---- | M] (SigmaTel, Inc.) [Auto | Stopped] -- C:\Program Files\SigmaTel\C-Major Audio\wdm\stacsv.exe -- (STacSV) SRV - [2005/10/12 18:16:06 | 000,172,032 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe -- (ELService) SRV - [2005/10/05 11:00:06 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Logitech\Easy Synchronization\servicestub.exe -- (Logitech Easy Synchronization) SRV - [2005/03/09 12:29:44 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - [2012/09/29 18:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012/07/03 10:25:19 | 000,124,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010/04/27 15:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2010/04/27 15:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2010/04/27 15:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2010/04/27 13:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2009/12/18 09:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv) DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2008/06/21 17:01:44 | 000,017,064 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PdiPorts.sys -- (PdiPorts) DRV - [2008/04/13 13:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2008/04/10 19:10:10 | 001,271,032 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2007/06/18 02:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) DRV - [2007/04/24 09:49:34 | 000,011,776 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pdiddcci.sys -- (pdiddcci) DRV - [2007/02/09 11:17:18 | 000,017,465 | ---- | M] (Portrait Displays, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pivot.sys -- (Pivot) DRV - [2007/02/09 11:17:16 | 000,011,323 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pivotmou.sys -- (pivotmou) DRV - [2007/01/23 14:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2006/12/19 07:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k) DRV - [2006/12/19 07:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia) DRV - [2006/12/19 07:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2006/12/19 07:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k) DRV - [2006/12/19 07:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2006/12/19 07:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k) DRV - [2006/12/04 16:33:36 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2006/12/04 16:33:34 | 000,863,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2006/12/04 16:33:34 | 000,047,907 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid) DRV - [2006/12/04 16:33:34 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver) DRV - [2006/12/04 16:33:32 | 000,329,901 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio) DRV - [2005/12/02 19:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32) DRV - [2005/10/12 18:15:50 | 000,007,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi) DRV - [2005/10/12 18:15:48 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmon.sys -- (ELmon) DRV - [2005/10/12 18:15:24 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELkbd.sys -- (ELkbd) DRV - [2005/10/12 18:15:22 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmou.sys -- (ELmou) DRV - [2005/10/12 18:15:20 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELhid.sys -- (ELhid) DRV - [2005/10/05 11:00:06 | 000,047,104 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vserial.sys -- (vserial) DRV - [2005/10/05 11:00:06 | 000,018,167 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vsb.sys -- (vsbus) DRV - [2005/09/16 00:24:38 | 000,206,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinavrr.sys -- (ATIAVPCI) DRV - [2005/08/31 14:31:44 | 000,020,480 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL) DRV - [2005/07/13 20:18:48 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html?Ch=Consumer&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX510S IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html?Ch=Consumer&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX510S IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\..\SearchScopes,DefaultScope = {70020C68-0823-4804-90A8-5A708D694CA9} IE - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\..\SearchScopes\{70020C68-0823-4804-90A8-5A708D694CA9}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-1500982738-3618749481-1802049845-1011\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.gateway.com/g/sidepanel.html?Ch=Consumer&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX510S IE - HKU\S-1-5-21-1500982738-3618749481-1802049845-1011\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Consumer&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX510S IE - HKU\S-1-5-21-1500982738-3618749481-1802049845-1011\..\SearchScopes,DefaultScope = ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/11 13:32:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/11 13:32:46 | 000,000,000 | ---D | M] [2012/12/10 12:33:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\~Debb~\Application Data\Mozilla\Extensions [2012/12/10 12:59:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\~Debb~\Application Data\Mozilla\Firefox\Profiles\6iegk1ue.default\extensions [2012/12/10 12:43:11 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\~Debb~\Application Data\Mozilla\Firefox\Profiles\6iegk1ue.default\extensions\support@lastpass.com [2012/12/10 12:59:26 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\~Debb~\Application Data\Mozilla\Firefox\Profiles\6iegk1ue.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012/12/10 12:32:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/11/29 03:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/10/19 18:18:49 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll [2012/10/19 18:18:57 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll [2012/11/29 03:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/11/29 03:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2012/11/12 22:22:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPToolbar.dll () O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll () O3 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\mHotkey.exe () O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe () O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd) O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DT GWY] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe () O4 - HKLM..\Run: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe () O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [intelAudioStudio] C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe (Intel Corporation) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company) O4 - HKLM..\Run: [ledpointer] C:\WINDOWS\CNYHKey.exe (Chicony) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe () O4 - HKLM..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe (Alcor Micro, Corp.) O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007..\Run: [CalendarPal] C:\Program Files\CalendarPal\CalendarPal.exe () O4 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007..\Run: [KGShareApp] C:\Program Files\Kodak\KODAK Share Button App\KGShare_App.exe (Eastman Kodak Company) O4 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007..\Run: [Power2GoExpress] NA File not found O4 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1011..\Run: [Power2GoExpress] NA File not found O4 - HKLM..\RunOnce: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe () O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (LastPass) O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (LastPass) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1011\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1500982738-3618749481-1802049845-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\Bin\resources\WebMenuImg.htm () O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: LastPass - file://C:\Documents and Settings\~Debb~\Local Settings\Application Data\LastPass\context.html?cmd=lastpass File not found O8 - Extra context menu item: LastPass Fill Forms - file://C:\Documents and Settings\~Debb~\Local Settings\Application Data\LastPass\context.html?cmd=fillforms File not found O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll () O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1282605770000 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1344552290562 (MUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_intel_4.1.66.0.cab (SysInfo Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{288821FE-6D52-4199-93B1-3025EE1D3178}: DhcpNameServer = 97.64.209.36 97.64.168.13 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logitech\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\~Debb~\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\~Debb~\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {FE24CD78-7C63-465D-8787-4EDF7FC79895} - C:\Program Files\Logitech\Easy Synchronization\shellexecutehook.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/06/17 04:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/12/13 10:46:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\~Debb~\Desktop\OTL.exe [2012/12/12 17:20:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012/12/12 16:20:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\My Documents\Smokey [2012/12/11 20:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\Music Midis [2012/12/11 20:38:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\SD_OurHouse1 [2012/12/11 18:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\SD_OurHouse2 [2012/12/11 15:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\SD_OurHouse [2012/12/11 13:32:50 | 000,464,024 | R--- | C] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2win32.cid [2012/12/11 13:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons [2012/12/10 23:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\Christmas actions [2012/12/10 18:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Application Data\SUPERAntiSpyware.com [2012/12/10 17:56:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware [2012/12/10 17:56:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2012/12/10 17:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2012/12/10 17:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup [2012/12/10 15:19:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\4 IM Stats [2012/12/10 12:32:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012/12/08 20:30:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\4 Em 3 [2012/12/04 14:43:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\My Documents\DFFL [2012/12/04 14:05:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation [2012/12/04 14:05:27 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2012/12/04 13:56:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\Graphics Card DRIVER Updates [2012/12/04 13:44:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA [2012/11/24 22:06:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\GTA Maps [2012/11/18 18:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\RESEARCH ME [2012/11/18 16:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012/11/17 11:51:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\Photo Paper & Sticker Paper Sites [2012/11/16 22:49:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2012/11/14 11:59:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\~Debb~\Desktop\4Debbs2Save [2012/07/02 13:43:06 | 010,974,280 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/12/13 10:46:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\~Debb~\Desktop\OTL.exe [2012/12/13 10:16:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/12/13 10:14:54 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000000-00001102-00000005-00211102}.rfx [2012/12/13 10:14:54 | 000,054,328 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000000-00001102-00000005-00211102}.rfx [2012/12/13 10:14:54 | 000,054,328 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000000-00001102-00000005-00211102}.rfx [2012/12/13 10:14:54 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm [2012/12/13 10:14:54 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm [2012/12/13 10:03:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/12/12 17:17:36 | 001,720,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/12/12 16:48:26 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/12/12 13:00:43 | 000,004,128 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2012/12/11 23:29:37 | 000,007,128 | ---- | M] () -- C:\Documents and Settings\~Debb~\Application Data\wklnhst.dat [2012/12/11 20:44:02 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012/12/11 20:43:19 | 000,084,992 | ---- | M] () -- C:\Documents and Settings\~Debb~\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/12/11 13:32:50 | 000,464,024 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2win32.cid [2012/12/11 12:03:53 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\~Debb~\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2012/12/10 15:13:44 | 000,299,013 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\Make into a stat.png [2012/12/09 17:33:06 | 000,000,098 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\Uninstall Firefox from your computer Firefox Help.URL [2012/12/08 11:03:54 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/12/05 22:17:41 | 000,001,302 | ---- | M] () -- C:\WINDOWS\nvrbm.ini [2012/12/05 20:48:12 | 000,000,445 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\christmas - Google Search.URL [2012/12/04 14:05:27 | 001,101,436 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2012/12/04 14:05:27 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2012/12/04 14:05:23 | 001,101,436 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2012/12/04 14:05:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2012/11/24 23:09:29 | 000,025,349 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\FIND your mouse.png [2012/11/20 10:13:13 | 000,000,060 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\The Graphics Fairy LLC.URL [2012/11/20 10:11:30 | 000,306,744 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\acorn oak vintage image graphicsfairy002b.jpg [2012/11/20 10:11:12 | 000,931,681 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\turkey vintage image graphicsfairy4.jpg [2012/11/18 23:08:20 | 000,000,068 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\Freebies.URL [2012/11/18 16:08:21 | 000,000,126 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\Crockpot Breakfast Recipe Just A Pinch Recipes.URL [2012/11/17 21:36:47 | 000,077,807 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\SD_DFFL.jpg [2012/11/17 16:58:53 | 000,853,355 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\JACK.pspimage [2012/11/17 16:06:58 | 000,000,091 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\Shopping Cart.URL [2012/11/16 22:29:42 | 000,000,089 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\Mr.C Want to see if I have an infection on Desktop now. - Malwarebytes Forum - Page 2.URL [2012/11/16 22:18:02 | 000,000,068 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\Premium Hosting.URL [2012/11/16 21:42:01 | 000,000,047 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\1&1 Internet - Home.URL [2012/11/16 10:04:17 | 000,481,716 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/11/16 10:04:17 | 000,079,790 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/11/13 17:43:40 | 029,949,923 | ---- | M] () -- C:\Documents and Settings\~Debb~\Desktop\mask.pspimage [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/12/11 12:03:53 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\~Debb~\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2012/12/10 15:13:43 | 000,299,013 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\Make into a stat.png [2012/12/09 17:33:06 | 000,000,098 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\Uninstall Firefox from your computer Firefox Help.URL [2012/12/05 20:48:12 | 000,000,445 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\christmas - Google Search.URL [2012/12/04 14:05:23 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2012/12/04 14:05:23 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2012/12/04 14:05:23 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2012/12/04 14:05:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2012/12/04 13:42:34 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2012/12/04 13:42:34 | 000,012,210 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2012/11/24 23:09:28 | 000,025,349 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\FIND your mouse.png [2012/11/24 22:52:07 | 000,246,104 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\SD_MeshBowSupplies.zip [2012/11/20 10:13:13 | 000,000,060 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\The Graphics Fairy LLC.URL [2012/11/20 10:11:30 | 000,306,744 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\acorn oak vintage image graphicsfairy002b.jpg [2012/11/20 10:11:11 | 000,931,681 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\turkey vintage image graphicsfairy4.jpg [2012/11/18 23:08:20 | 000,000,068 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\Freebies.URL [2012/11/18 16:08:21 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\Crockpot Breakfast Recipe Just A Pinch Recipes.URL [2012/11/17 21:36:47 | 000,077,807 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\SD_DFFL.jpg [2012/11/17 16:29:54 | 000,000,118 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\Cricut® Pink Tool Kit - Cricut Shop.URL [2012/11/17 16:29:54 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\Free HTML, CSS and Paint Shop Pro Classes - WebTech University.URL [2012/11/17 16:06:58 | 000,000,091 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\Shopping Cart.URL [2012/11/16 22:29:42 | 000,000,089 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\Mr.C Want to see if I have an infection on Desktop now. - Malwarebytes Forum - Page 2.URL [2012/11/16 22:18:02 | 000,000,068 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\Premium Hosting.URL [2012/11/16 21:42:01 | 000,000,047 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\1&1 Internet - Home.URL [2012/11/13 17:43:29 | 029,949,923 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\mask.pspimage [2012/11/13 11:51:54 | 000,853,355 | ---- | C] () -- C:\Documents and Settings\~Debb~\Desktop\JACK.pspimage [2012/11/12 17:59:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/05/15 17:28:15 | 000,035,979 | ---- | C] () -- C:\Program Files\Photoshop CS3 Read Me.html [2012/03/26 17:45:23 | 000,483,328 | ---- | C] () -- C:\WINDOWS\System32\avformat.dll [2012/03/26 17:45:23 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\SkinPlusPlusDLL.dll [2012/03/26 17:45:23 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\avutil.dll [2012/03/26 17:45:22 | 007,177,728 | ---- | C] () -- C:\WINDOWS\System32\avcodec.dll [2012/03/26 17:45:18 | 004,819,968 | ---- | C] () -- C:\WINDOWS\System32\rtpdiamond.exe [2012/03/26 17:45:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\System32\rtfpulse.exe [2012/02/17 14:34:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011/11/04 12:27:42 | 000,007,128 | ---- | C] () -- C:\Documents and Settings\~Debb~\Application Data\wklnhst.dat [2011/11/04 12:14:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011/07/18 15:43:26 | 000,000,023 | ---- | C] () -- C:\WINDOWS\kodakpcd.~Debb~.ini [2011/05/18 16:58:45 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\~Debb~\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011/05/18 16:53:42 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011/01/23 15:42:27 | 000,164,746 | ---- | C] () -- C:\WINDOWS\hpoins21.dat [2011/01/23 15:42:27 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat [2011/01/22 16:44:28 | 000,164,652 | ---- | C] () -- C:\WINDOWS\hpoins21.dat.temp [2011/01/22 16:44:28 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat.temp [2011/01/22 15:56:41 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010/11/23 23:35:17 | 000,000,114 | ---- | C] () -- C:\Documents and Settings\~Debb~\default.pls [2010/09/18 17:27:27 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\~Debb~\.recently-used.xbel [2010/08/27 20:23:55 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\~Debb~\Local Settings\Application Data\Images.fl [2010/08/25 12:53:57 | 000,084,992 | ---- | C] () -- C:\Documents and Settings\~Debb~\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/08/24 19:47:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\~Debb~\Ÿ9Ÿ9 ========== ZeroAccess Check ========== [2006/06/17 04:37:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2010/08/23 16:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech [2010/08/23 16:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView [2011/08/31 10:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Caphyon [2011/08/31 10:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ConeXware [2010/08/25 10:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM [2010/08/25 10:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail [2012/01/30 14:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX [2010/09/18 15:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\namesuppressed [2010/08/23 23:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Netscape Internet Service [2010/11/01 16:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PearlMountainSoft [2010/12/28 18:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator [2011/11/12 00:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photodex [2010/08/25 11:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoMail [2010/08/24 21:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm [2012/12/10 17:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup [2012/11/01 17:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent [2012/01/30 13:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xara [2012/07/13 15:23:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{529BBEB3-0369-420C-BD9C-37553D289203} [2012/07/13 15:23:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{682FE305-7958-4875-9B95-34673E7151AD} [2012/07/13 15:24:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{738BC746-5FBD-4969-B3F1-6A065E31C7BE} [2012/07/13 16:34:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7D1F40B1-FDA9-48B3-9A00-C43B98B6061B} [2012/07/13 15:22:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8265C354-3D13-4FE5-95C7-65F277FF3041} [2012/07/13 15:23:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83F263BF-0076-4C4C-93DC-A3EA0CEB7184} [2012/07/13 15:22:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{AB404F93-CDCE-40D9-8D4E-8606C84D368C} [2012/07/01 19:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{C3B35EBF-B1F6-4DE1-9682-ED71913E187B} [2012/07/13 15:23:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{DD44E1C4-AD22-4508-8355-744AA998F06D} [2012/07/13 15:22:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{E6AF2639-F710-4F5B-8830-95A396FB523F} [2012/07/13 15:24:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2} [2012/02/19 12:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{FD7CAB3E-E895-4E98-9D68-A307CC601204} [2010/08/23 16:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Leadertech [2010/08/23 16:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView [2010/08/23 16:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser\Application Data\Leadertech [2010/08/23 16:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser\Application Data\SampleView [2012/08/24 12:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\AlawarEntertainment [2012/09/14 16:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Alien Skin [2011/08/27 16:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\ARulerForWindows [2010/11/01 13:39:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Avery [2011/08/26 15:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\ColorCop [2010/12/14 21:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\CoreFTP [2010/08/23 21:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\DisplayTune [2011/10/29 17:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\doctor [2011/10/11 15:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\ElevatedDiagnostics [2010/10/23 17:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Hi [2010/09/18 17:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\inkscape [2010/12/19 13:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Jasc [2010/08/23 16:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Leadertech [2011/04/02 19:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\LG Electronics [2012/01/30 14:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\MAGIX [2011/11/02 17:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Netscape [2010/09/23 17:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Opera [2010/11/01 16:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\PearlMountainSoft [2011/11/02 17:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Photodex [2010/08/23 16:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\SampleView [2011/11/03 13:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Thinstall [2010/11/29 20:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Tific [2012/08/16 17:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\VSO [2011/07/18 16:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\Walgreens [2012/11/01 17:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\~Debb~\Application Data\WildTangent ========== Purity Check ========== < End of report > ################################################### Extras.txt: OTL Extras logfile created on: 12/13/2012 10:46:54 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\~Debb~\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.25 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 70.55% Memory free 5.08 Gb Paging File | 4.33 Gb Available in Paging File | 85.18% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 927.21 Gb Total Space | 894.66 Gb Free Space | 96.49% Space Free | Partition Type: NTFS Drive D: | 4.29 Gb Total Space | 1.74 Gb Free Space | 40.50% Space Free | Partition Type: FAT32 Drive N: | 465.75 Gb Total Space | 259.50 Gb Free Space | 55.72% Space Free | Partition Type: NTFS Computer Name: XXXXX | User Name: ~Debb~ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1500982738-3618749481-1802049845-1007\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "5353:UDP" = 5353:UDP:*:Enabled:Bonjour Port 5353 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\IncrediMail\Bin\IncMail.exe" = C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.) "C:\Program Files\IncrediMail\Bin\ImApp.exe" = C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.) "C:\Program Files\IncrediMail\Bin\ImpCnt.exe" = C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.) "C:\Program Files\IncrediMail\Bin\ImLc.exe" = C:\Program Files\IncrediMail\Bin\ImLc.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.) "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard) "C:\Program Files\IncrediMail\Bin\ImPackr.exe" = C:\Program Files\IncrediMail\Bin\ImPackr.exe:*:Enabled:IncrediMail -- () "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer "{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1 "{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail "{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}" = Xara 3D Maker 7 "{1C52C859-8E8E-4E69-9608-C923644AC1E0}" = LG PC Suite III "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution "{2086A549-ED96-4dc9-BBE3-0538AB29ABEC}" = PSP Thumbnail Handler "{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2 "{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls "{235BBFC6-D863-4066-A01A-3BD504C31033}" = Nero 7 Ultra Edition "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{27ECB379-B140-43C3-BAD5-36C034B5A996}" = Intel® Quick Resume Technology Drivers "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant "{3a6f8a27-fa78-48a4-bbd1-399b000bcc9a}" = C8100_Help "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D1B20A6-E31D-4BB5-BC5C-DDD3B0D91728}" = Intel Audio Studio 2.0 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0 "{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader "{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{549B6B58-0881-4D0F-BFF1-5A345944BF76}" = PowerArchiver 2012 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{59996900-0E6C-45B7-8C39-C64CB98462E4}" = Microsoft Web Platform Installer 2.0 "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{5BDEA9E0-E55B-45A7-93F7-6B8F68F851E5}" = Topaz InFocus "{6054F774-FEF0-46C6-9311-EC97FC576FC5}" = USB Wireless Keyboard Driver "{60D32CDC-E3BE-4578-BA10-29322307CDDC}" = Logitech Gaming Software 5.10 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2 "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker "{770D3BDC-19D7-49D0-B60B-C5BB77553FBB}" = Topaz Fusion Express 2 "{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator "{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3 "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{8117EA22-035F-4880-86AE-AC7C4F1FA3E2}" = Topaz ReMask 3 "{83483790-4C9A-4ea0-9076-EFB0FB58674B}" = 3D Starry Night Lake Scene "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software "{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}" = Topaz Clean 3 "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1" = VSO Image Resizer 4.0.0.54 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A1EBF29-7CF8-471E-B90B-95FF36AC8248}" = Topaz Simplify 3 "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager "{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9E146BA1-26DD-4C3B-9F0F-90F2E3CEC9D2}" = Topaz DeJpeg 4 "{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}" = Topaz DeNoise 5 "{9FDC7042-CB9F-4336-A14C-DF10F53762E2}" = Topaz Adjust 4 "{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC134D03-97F1-45B9-B32A-52E885AFA895}" = Mobile Phone Suite Easy Synchronization "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.81 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.81 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III "{C3F0CF4C-0A8C-42F1-A585-2EF7886D6039}" = KODAK Share Button App "{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min "{C921D7C4-24D7-4210-AEE9-DFC5DDC78428}" = Topaz Detail 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CB54ABA8-D67F-47AD-A76C-2631BADA9FE5}" = Microsoft Works Suite Add-in for Microsoft Word "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch "{D85AB83D-CD2D-44D0-9DA3-E16294DE81D2}" = Intel Audio Studio 2.0 "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component "{DCF4C336-18DB-449B-9238-821B7F28B614}_is1" = Uninstall A Ruler for Windows "{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1 "{DDAC27F9-8293-465f-A4B0-011F1D38BBA1}" = RoxioShim "{DE1AF137-C455-494A-A817-EFE44BCCFDEE}" = Works Upgrade "{E0303B6A-C675-4102-95DA-C013625BFA99}" = GTA San Andreas "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E6C48B74-26ED-4EF8-A04C-42AFDE5E1CA3}" = Intel® PRO Network Connections "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EF3F9770-CA7B-4c5d-8A98-49AB97216546}" = C8100 "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy "{F4955758-B754-471D-9091-7CE2C3D9E9AA}" = EzTune "{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel "{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers "{FCFEC0B9-6999-4BD2-85D1-4ED21070704E}" = Intel® Viiv™ "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "AI RoboForm" = AI RoboForm (All Users) "All ATI Software" = ATI - Software Uninstall Utility "AudioLabel" = AudioLabel "AV Bros. Page Curl Pro 2.2" = AV Bros. Page Curl Pro 2.2 (Remove Only) "AVBrosPageCurl" = AV Bros. Page Curl 1.2 (Remove Only) "AVBrosPuzzlePro12" = AV Bros. Puzzle Pro 1.2 (Remove Only) "CalendarPal" = CalendarPal "Canon MOV Encoder" = Canon MOV Encoder "Core FTP LE 2.1" = Core FTP LE 2.1 "Coupon Printer for Windows5.0.0.2" = Coupon Printer for Windows "ESET Online Scanner" = ESET Online Scanner v3 "Eye Candy 3" = Eye Candy 3 "Eye Candy 4000" = Eye Candy 4000 Demo "EyeCandy5Impact" = Alien Skin Eye Candy 5 Impact "EyeCandy5Nature" = Alien Skin Eye Candy 5 Nature "EyeCandy5Textures" = Alien Skin Eye Candy 5 Textures "Filters Unlimited_is1" = Filters Unlimited 2.0.3 "gtw_logo" = gtw_logo "Harry's Filters" = Harry's Filters "Harry's Filters_is1" = Harry's Filters 3.01 "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "HPOCR" = OCR Software by I.R.I.S. 10.0 "HTMLKit_is1" = HTML-Kit "ie8" = Windows Internet Explorer 8 "IncrediMail" = IncrediMail 2.0 "Inkscape" = Inkscape 0.47 "InstallShield_{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader "Intel® Quick Resume Technology" = Intel® Quick Resume Technology Drivers "Kylix Ringtone Maker 3.0_is1" = Kylix Ringtone Maker 3.0 "LastPass" = LastPass (uninstall only) "MAGIX_MSI_Xara3D7" = Xara 3D Maker 7 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MVApplication1" = Memorex exPressit Label Design Studio "PatchBeam" = PatchBeam "Permanent Press plug-in for Adobe Photoshop and ~4DEC09C6_is1" = Permanent Press 1.02. "Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator "Photodex Presenter" = Photodex Presenter "PhotoMail" = PhotoMail Maker "PlaidLite_5QM" = namesuppressed Plaid Lite "PowerArchiver 2012 13.00.26" = PowerArchiver 2012 "ProShow Gold" = ProShow Gold "RealPlayer 6.0" = RealPlayer Basic "Shop for HP Supplies" = Shop for HP Supplies "Smileycons_is1" = Smileycons 6.0.1 "StreetPlugin" = Learn2 Player (Uninstall Only) "SystemRequirementsLab" = System Requirements Lab "Topaz Adjust 4" = Topaz Adjust 4 "Topaz Adjust 5" = Topaz Adjust 5 "Topaz Clean 3" = Topaz Clean 3 "Topaz DeJpeg 4" = Topaz DeJpeg 4 "Topaz DeNoise 5" = Topaz DeNoise 5 "Topaz Detail 2" = Topaz Detail 2 "Topaz Fusion Express 2" = Topaz Fusion Express 2 "Topaz InFocus" = Topaz InFocus "Topaz ReMask 3" = Topaz ReMask 3 "Topaz Simplify 3" = Topaz Simplify 3 "Vizros Plug-ins 4.1" = Vizros Plug-ins 4.1 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Works2005Setup" = Microsoft Works 2005 Setup Launcher "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12/12/2012 5:40:54 PM | Computer Name = XXXXX | Source = Application Error | ID = 1000 Description = Faulting application mhotkey.exe, version 3.0.0.9, faulting module mhotkey.exe, version 3.0.0.9, fault address 0x000099a1. Error - 12/12/2012 5:41:43 PM | Computer Name = XXXXX | Source = STacSV | ID = 268435455 Description = Error - 12/12/2012 5:51:15 PM | Computer Name = XXXXX | Source = Application Error | ID = 1000 Description = Faulting application mhotkey.exe, version 3.0.0.9, faulting module mhotkey.exe, version 3.0.0.9, fault address 0x000099a1. Error - 12/12/2012 5:52:02 PM | Computer Name = XXXXX | Source = STacSV | ID = 268435455 Description = Error - 12/12/2012 6:18:57 PM | Computer Name = XXXXX | Source = Application Error | ID = 1000 Description = Faulting application mhotkey.exe, version 3.0.0.9, faulting module mhotkey.exe, version 3.0.0.9, fault address 0x000099a1. Error - 12/12/2012 6:19:18 PM | Computer Name = XXXXX | Source = STacSV | ID = 268435455 Description = Error - 12/13/2012 10:29:17 AM | Computer Name = XXXXX | Source = STacSV | ID = 268435455 Description = Error - 12/13/2012 10:29:28 AM | Computer Name = XXXXX | Source = Application Error | ID = 1000 Description = Faulting application mhotkey.exe, version 3.0.0.9, faulting module mhotkey.exe, version 3.0.0.9, fault address 0x000099a1. Error - 12/13/2012 11:17:35 AM | Computer Name = XXXXX | Source = Application Error | ID = 1000 Description = Faulting application mhotkey.exe, version 3.0.0.9, faulting module mhotkey.exe, version 3.0.0.9, fault address 0x000099a1. Error - 12/13/2012 11:18:20 AM | Computer Name = XXXXX | Source = STacSV | ID = 268435455 Description = [ System Events ] Error - 12/12/2012 5:43:05 PM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 12/12/2012 5:43:05 PM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7034 Description = The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s). Error - 12/12/2012 5:53:24 PM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 12/12/2012 5:53:24 PM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7034 Description = The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s). Error - 12/12/2012 6:19:15 PM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 12/12/2012 6:19:26 PM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7034 Description = The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s). Error - 12/13/2012 10:28:26 AM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 12/13/2012 10:29:17 AM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7034 Description = The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s). Error - 12/13/2012 11:18:07 AM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 12/13/2012 11:18:20 AM | Computer Name = XXXXX | Source = Service Control Manager | ID = 7034 Description = The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s). < End of report >
  11. I have a problem. I went into Add/Remove programs and uninstalled SuperAntiSpyware. It showed me a screen that it was removed but it still was in the list so I clicked it again to remove it. It told me it wasn't there and asked me if I wanted to remove it from the list so I did. I restarted computer and the dang thing is still showing in my system tray. I right clicked it to Exit, went back to Add/Remove but it is not listed there. I went to Programs Files and the folder is there. I tried to delete it but it says I don't have permission to do that and I am the Administrator. I have XP Pro. What do I need to do to rid myself of this thing? Thanks.
  12. I'd like to say thank you for all your patient help trying to get to the root of my redirect attempts. Although we did not find a cause and Adblock Plus has stopped those redirect attempts I sure do appreciate all the hours that was spent trying to get to the root of this ever hiding proplem! You are a very patient person and that is very compforting to those of us that don't understand all the terms etc that go along with malware infestations. THANK YOU for working with me - I wo...

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.