New
#11
You are missing some important registry keys
You can download the keys from here
Windows Firewall damaged by 'Windows 7 antivirus 2012'
You are missing some important registry keys
You can download the keys from here
Windows Firewall damaged by 'Windows 7 antivirus 2012'
Sorry for the delay, here's another log taking place after downloading and running some of the keys off of the webpage you directed me to (Most of what the log says was missing from there).
Program started at: 09/13/2012 03:34:18 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop.
* No malware services found to stop.
Checking for processes to terminate.
* C:\Program Files\Java\jre6\bin\jusched.exe (PID: 3772) [FI]
1 proccess terminated!
Checking Registry for malware related settings.
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks.
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* Background Intelligent Transfer Service (BITS) is not Running.
Startup Type set to: Automatic (Delayed Start)
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic (Delayed Start)
* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)
* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)
* AppMgmt [Missing Service]
* CscService [Missing Service]
* iphlpsvc [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]
* WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]
Searching for Missing Digital Signatures:
* No issues found.
Program finished at: 09/13/2012 03:35:06 PM
Execution time: 0 hours(s), 0 minute(s), and 47 seconds(s)
Are you sure?
Cause that "[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001" kinda seems a bit....ominous. Also, that bProtector addon is still in my firefox manager. It says its disabled, but I can't seem to be able to remove it at all...
Edit: No redirect it seems on IE, but Google Chrome is still doing it. Thanks again for all your help.
Last edited by ShenmueAdvocate; 14 Sep 2012 at 22:29. Reason: Need to put in more info
Nothing wrong with the registry entry
Download and run OTL
Download http://oldtimer.geekstogo.com/OTL.exe by Old Timer and save it to your Desktop.
- Double click on OTL.exe to run it.
- Under Output, ensure that Minimal Output is selected.
- Under Extra Registry section, select Use SafeList.
- Click the Scan All Users checkbox.
- Click on Run Scan at the top left hand corner.
- When done, two Notepad files will open.
- OTL.txt <-- Will be opened and the that I need posted back here
- Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
- Please post the contents of OTL.txt in your next reply.
Code:OTL logfile created on: 9/15/2012 11:37:11 PM - Run 1 OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\Paul\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.75 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 45.53% Memory free 7.49 Gb Paging File | 4.13 Gb Available in Paging File | 55.11% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 444.92 Gb Total Space | 197.70 Gb Free Space | 44.44% Space Free | Partition Type: NTFS Drive D: | 20.55 Gb Total Space | 2.99 Gb Free Space | 14.55% Space Free | Partition Type: NTFS Drive E: | 99.02 Mb Total Space | 90.88 Mb Free Space | 91.78% Space Free | Partition Type: FAT32 Computer Name: PAUL-LAPTOP | User Name: Paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\Paul\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic) PRC - C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (Giraffic) PRC - C:\Program Files (x86)\Norton Security Suite\Engine\6.3.0.14\ccsvchst.exe (Symantec Corporation) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.) PRC - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.) PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.) PRC - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Acresso Corporation) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - c:\ProgramData\bProtectorForWindows\2.2.453.59\protector.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll () ========== Services (SafeList) ========== SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpywareare\SASCORE64.EXE (SUPERAntiSpyware.com) SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.) SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation) SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (DpHost) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.) SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard) SRV:64bit: - (HPWMISVC) -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe () SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic) SRV - (N360) -- C:\Program Files (x86)\Norton Security Suite\Engine\6.3.0.14\ccSvcHst.exe (Symantec Corporation) SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.) SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company) SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.) SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (DvmMDES) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.) SRV - (CinemaNow Service) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.) SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.) SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation) DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd) DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtspx64.sys (Symantec Corporation) DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtsp64.sys (Symantec Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\ccsetx64.sys (Symantec Corporation) DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\symefa64.sys (Symantec Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\symnets.sys (Symantec Corporation) DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\ironx64.sys (Symantec Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\symds64.sys (Symantec Corporation) DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpywareare\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpywareare\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company) DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (DVMIO) -- C:\Windows\SysNative\drivers\dvmio.sys (DeviceVM, Inc.) DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120915.008\ex64.sys (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120915.008\eng64.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120914.001\IDSviA64.sys (Symantec Corporation) DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120905.001\BHDrvx64.sys (Symantec Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1 IE - HKLM\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {9E457C61-464F-4C1F-A525-7B2572FE752F} IE - HKLM\..\SearchScopes\{9E457C61-464F-4C1F-A525-7B2572FE752F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{D9556055-A346-4290-BACA-44DA16A78FD1}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1 IE - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://xfinity.comcast.net/ [binary data] IE - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1 IE - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000\..\SearchScopes,DefaultScope = {9E457C61-464F-4C1F-A525-7B2572FE752F} IE - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Veoh Web Player Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Veoh Web Player Customized Web Search" FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2653012&SearchSource=13" FF - prefs.js..extensions.enabledAddons: nvnorqcxhh@nvnorqcxhh.org:2.5 FF - prefs.js..extensions.enabledAddons: tineye@ideeinc.com:1.1 FF - prefs.js..extensions.enabledAddons: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.18 FF - prefs.js..extensions.enabledAddons: {cd90bf73-20f6-44ef-993d-bb920303bd2e}:3.15.1.0 FF - prefs.js..extensions.enabledAddons: {E4091D66-127C-11DB-903A-DE80D2EFDFE8}:1.6.5.5 FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.0 FF - prefs.js..extensions.enabledAddons: {ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}:0.3.8.1 FF - prefs.js..extensions.enabledAddons: scriptish@erikvold.com:0.1.7 FF - prefs.js..extensions.enabledAddons: {0153E448-190B-4987-BDE1-F256CADA672F}:15.0.6 FF - prefs.js..extensions.enabledAddons: {bb6bc1bb-f824-4702-90cd-35e2fb24f25d}:1.5.1.1 FF - prefs.js..extensions.enabledAddons: cookiemgr@jayapal.com:4.5 FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15 FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.5 FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=2&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\npHDPlg.dll () FF - HKCU\Software\MozillaPlugins\BYOND: C:\Program Files (x86)\BYOND\bin\npbyond.dll (BYOND) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012/08/25 13:11:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012/09/14 15:20:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2012/08/25 13:08:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/25 13:08:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/25 13:11:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/25 13:11:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/25 13:11:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 01:14:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/07 01:14:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.2.453.59\FirefoxExtension [2012/09/02 20:14:33 | 000,000,000 | ---D | M] [2012/01/08 18:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions [2012/09/14 20:16:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions [2012/08/25 12:18:08 | 000,000,000 | ---D | M] (XFINITY Toolbar) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\{4b9bcce8-a70b-402a-a7e1-db96831ee26f} [2012/09/01 14:26:25 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2012/08/25 13:11:37 | 000,000,000 | ---D | M] (Veoh Web Player Community Toolbar) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e} [2012/01/08 19:01:04 | 000,000,000 | ---D | M] ("ImageHost Grabber") -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8} [2012/09/07 19:32:15 | 000,000,000 | ---D | M] (Advanced Cookie Manager) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\cookiemgr@jayapal.com [2012/09/14 20:16:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\staged [1832/11/29 00:22:58 | 000,004,804 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\nvnorqcxhh@nvnorqcxhh.org.xpi [2012/08/31 14:21:27 | 000,226,493 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\scriptish@erikvold.com.xpi [2012/01/08 19:01:04 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\tineye@ideeinc.com.xpi [2012/09/14 15:21:58 | 000,527,915 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012/08/14 13:54:07 | 000,061,403 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2012/09/12 23:23:16 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012/08/24 15:06:43 | 000,270,021 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012/06/17 21:06:58 | 000,041,372 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}.xpi [2012/09/14 20:16:45 | 000,270,876 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\extensions\staged\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012/01/18 20:44:24 | 000,000,933 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\9ksz9ca1.default\searchplugins\conduit.xml [2012/09/07 01:14:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/08/25 13:11:34 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2012/09/07 01:14:33 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2008/07/08 17:07:06 | 000,040,960 | ---- | M] (BYOND) -- C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2012/08/07 16:12:00 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012/08/31 14:20:27 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/08/31 14:20:26 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: http://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.com CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\npHDPlg.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Babylon Toolbar = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: Norton Identity Protection = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: 4chan Plus = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.5.5_0\ CHR - Extension: Gmail = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/09/07 20:05:44 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.3.0.14\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\6.3.0.14\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.3.0.14\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000\..\Toolbar\WebBrowser: (Veoh Web Player Toolbar) - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) O4:64bit: - HKLM..\Run: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe (Hewlett-Packard ) O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com) O4 - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Acresso Corporation) O4 - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpywareare\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-1802773089-3845710631-1931485571-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Value error.) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.6.2) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab (SysInfo Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7AD56671-E2B0-4646-BFC0-35BFE3CCB808}: DhcpNameServer = 75.75.75.75 75.75.76.76 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22453~1.59\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.2.453.59\protector.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1cafc1e4-692d-11e0-bc7f-de96aef51999}\Shell - "" = AutoRun O33 - MountPoints2\{1cafc1e4-692d-11e0-bc7f-de96aef51999}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Setup\rsrc\Autorun.exe O33 - MountPoints2\G\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/09/15 23:35:27 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Paul\Desktop\OTL.exe [2012/09/12 19:52:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012/09/12 19:52:17 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012/09/11 16:42:55 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012/09/11 16:42:55 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012/09/09 17:50:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{CC337E9C-D5D9-4ECC-A1DC-96567513BD55} [2012/09/07 21:14:40 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/09/07 20:28:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012/09/07 19:26:30 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe [2012/09/07 19:21:50 | 000,000,000 | ---D | C] -- C:\RegBackup [2012/09/07 01:14:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/09/07 00:00:35 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{8CAFB278-7DD9-4F3C-98E2-E8BF089B48BF} [2012/09/06 20:49:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{7A1B9101-C6EC-4EAC-9803-D9E841A82FE5} [2012/09/06 12:31:08 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2012/09/06 12:11:01 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs [2012/09/06 12:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com [2012/09/06 12:10:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com [2012/09/05 15:17:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\rkill [2012/09/04 23:50:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\RK_Quarantine [2012/09/04 19:43:17 | 001,614,240 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Paul\Desktop\rkill.com [2012/09/04 15:31:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SUPERAntiSpyware.com [2012/09/04 15:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2012/09/04 15:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2012/09/03 20:18:39 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{0B7E608C-BDBE-463D-A860-D9233F2B9AB3} [2012/09/02 20:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService [2012/09/02 20:14:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins [2012/09/02 20:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\bProtectorForWindows [2012/09/02 17:51:14 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{392FE6A1-4AFE-4B68-AEED-C92055639108} [2012/08/31 23:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012/08/31 23:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012/08/31 23:33:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2012/08/27 02:55:22 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{88F86773-0600-43CF-AB73-A7073B829526} [2012/08/26 20:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJackThisSucka [2012/08/26 20:46:15 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2012/08/25 23:51:20 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{1B11365C-D7B2-4191-96FA-2A402DCB92BB} [2012/08/25 19:16:28 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpywareare [2012/08/25 14:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2012/08/25 14:12:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\TestApp [2012/08/25 12:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SFT [2012/08/25 12:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\GID [2012/08/25 12:18:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xfin_portal [2012/08/25 12:18:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Constant Guard Protection Suite1 [2012/08/25 12:06:24 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\iolo [2012/08/25 12:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo [2012/08/24 22:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2012/08/24 22:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012/08/24 22:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files [2012/08/24 21:53:51 | 000,126,312 | R--- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2012/08/24 21:53:51 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll [2012/08/24 21:51:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 [2012/08/24 20:00:19 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Malwarebytes [2012/08/24 20:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/08/22 15:11:59 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012/08/22 15:11:33 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2012/08/19 14:25:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{648FECFE-8D0B-411D-814A-104142A0A815} [2012/08/18 18:40:10 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{0E063B9C-71BB-4600-9B86-516073FDFF61} [2012/08/17 18:13:06 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{798B9EDE-2195-4E4F-B3A1-5170DC022172} [2012/08/17 18:12:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{D557A6A8-0BF7-4F34-A154-BFD6CA9F2BFF} ========== Files - Modified Within 30 Days ========== File not found -- C:\Windows\SysNative\ [2012/09/15 23:35:28 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\OTL.exe [2012/09/15 23:15:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/09/15 15:29:14 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/09/15 15:29:14 | 000,660,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/09/15 15:29:14 | 000,121,442 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/09/15 15:26:44 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/09/15 15:26:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/14 15:29:37 | 000,023,248 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/14 15:29:37 | 000,023,248 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/14 15:19:45 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys [2012/09/12 22:54:20 | 001,890,943 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\Cat.DB [2012/09/08 17:21:36 | 000,010,036 | ---- | M] () -- C:\Users\Paul\Documents\cc_20120908_172105.reg [2012/09/07 21:14:48 | 000,355,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/09/07 21:12:20 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2012/09/07 20:05:44 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/09/07 20:03:36 | 000,779,306 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/09/07 19:24:46 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-PAUL-LAPTOP-Microsoft-Windows-7-Home-Premium-(64-bit).dat [2012/09/06 12:10:54 | 000,002,291 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2012/09/04 23:17:13 | 001,378,816 | ---- | M] () -- C:\Users\Paul\Desktop\RogueKiller.exe [2012/09/04 19:43:21 | 001,614,240 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Paul\Desktop\rkill.com [2012/09/04 18:17:31 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/09/04 15:31:02 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012/09/02 20:16:28 | 000,002,237 | ---- | M] () -- C:\Users\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk [2012/09/02 20:16:28 | 000,002,215 | ---- | M] () -- C:\Users\Paul\Desktop\Veoh Web Player.lnk [2012/09/02 13:16:35 | 003,707,174 | ---- | M] () -- C:\Users\Paul\Documents\bookmark.htm [2012/09/02 00:55:18 | 000,007,598 | ---- | M] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg [2012/08/31 23:33:34 | 000,001,262 | ---- | M] () -- C:\Users\Paul\Desktop\Spybot - Search & Destroy.lnk [2012/08/29 17:38:03 | 000,000,590 | ---- | M] () -- C:\Users\Paul\Documents\Radio Playlist.xspf [2012/08/26 20:46:15 | 000,003,003 | ---- | M] () -- C:\Users\Paul\Desktop\HiJackThis.lnk [2012/08/26 20:39:09 | 000,000,983 | ---- | M] () -- C:\Users\Paul\Desktop\PeaZip.lnk [2012/08/25 13:41:21 | 000,002,431 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk [2012/08/25 13:36:36 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\VT20120731.038 [2012/08/24 21:53:41 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2012/08/24 21:53:41 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2012/08/24 21:53:41 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2012/08/22 15:11:25 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll [2012/08/22 15:11:25 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012/08/22 15:11:25 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012/08/22 15:11:25 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012/08/22 15:11:25 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012/08/22 15:11:25 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2012/08/22 14:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012/08/22 14:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012/08/22 12:24:17 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/08/22 12:24:17 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/08/21 18:46:29 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job [2012/08/20 16:14:52 | 000,006,904 | ---- | M] () -- C:\Users\Paul\Documents\cc_20120820_161437.reg [2012/08/20 14:47:52 | 000,000,222 | ---- | M] () -- C:\Users\Paul\Desktop\Superbrothers Sword & Sworcery EP.url ========== Files Created - No Company Name ========== File not found -- C:\Windows\SysNative\ [2012/09/08 17:21:09 | 000,010,036 | ---- | C] () -- C:\Users\Paul\Documents\cc_20120908_172105.reg [2012/09/07 20:01:01 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe [2012/09/07 19:24:46 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-PAUL-LAPTOP-Microsoft-Windows-7-Home-Premium-(64-bit).dat [2012/09/06 12:10:53 | 000,002,291 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2012/09/04 23:17:12 | 001,378,816 | ---- | C] () -- C:\Users\Paul\Desktop\RogueKiller.exe [2012/09/04 15:31:02 | 000,001,835 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012/09/02 20:16:28 | 000,002,237 | ---- | C] () -- C:\Users\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk [2012/09/02 13:12:41 | 003,707,174 | ---- | C] () -- C:\Users\Paul\Documents\bookmark.htm [2012/08/31 23:33:34 | 000,001,262 | ---- | C] () -- C:\Users\Paul\Desktop\Spybot - Search & Destroy.lnk [2012/08/29 17:38:02 | 000,000,590 | ---- | C] () -- C:\Users\Paul\Documents\Radio Playlist.xspf [2012/08/26 20:46:15 | 000,003,003 | ---- | C] () -- C:\Users\Paul\Desktop\HiJackThis.lnk [2012/08/20 16:14:46 | 000,006,904 | ---- | C] () -- C:\Users\Paul\Documents\cc_20120820_161437.reg [2012/08/20 14:47:52 | 000,000,222 | ---- | C] () -- C:\Users\Paul\Desktop\Superbrothers Sword & Sworcery EP.url [2012/08/16 01:54:46 | 000,000,350 | ---- | C] () -- C:\Windows\d3xp.ini [2012/05/27 21:45:38 | 000,000,343 | ---- | C] () -- C:\Windows\doom3.ini [2012/01/02 16:11:37 | 000,779,306 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/12/25 00:04:57 | 000,000,032 | R--- | C] () -- C:\Users\Paul\hash.dat [2011/11/03 13:46:40 | 000,007,598 | ---- | C] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg [2011/06/06 20:48:12 | 000,000,036 | ---- | C] () -- C:\Users\Paul\.org.eclipse.epp.usagedata.recording.userId [2011/05/19 13:08:45 | 000,001,940 | ---- | C] () -- C:\Users\Paul\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini < End of report >
Hey, do you want me to upload the extra file here too now? Or should I use the OldTimer program again? Had a system crash on start-up out of no where yesterday, even though the computer turned off properly. Still worried. Also, would I be able to get rid of bProtector if I just delete the program data folder?
Last edited by ShenmueAdvocate; 25 Sep 2012 at 20:01. Reason: Forgot this piece of info