Topics - PastyWhiteGuy

1
LandzDown Lounge / Cutting the cable cord
« on: July 12, 2018, 02:05:13 AM »
We've got Google cable and with an upcoming rate change, we're trying to find a reliable alternative, preferably one with no hidden grenades. And one with a good record of service.

I'm hoping for a robust conversation with some great thoughts and ideas for a solution.

Thanks in advance.   :)

2
Internet / FF Profile backup
« on: October 22, 2017, 11:39:09 PM »
Greetings.

I'm getting ready to upgrade to the new 64-bit version and have been cautioned that I won't be able to go back to the previous version if needed/desired as the 32-bit profile will have gone away.

I searched what my beloved wife used and found that MozBackup isn't being developed past Windows 7.

Can I get a recommendation and a safe download site please?

3
Analysis and Malware Removal / asking from tablet
« on: March 08, 2015, 12:49:54 AM »
 :sos:

Lenovo laptop, Win 8.1. I can access Yahoo email & Google, but nothing else. Ran Malwarebytes, no help. Click on a Google search target and it goes nowhere, not even to Landzdown.  :(

I was notified on a restart that there were updates available. Went to CP & Windows Update. Had 2 updates, 1 for Windows Defender, one for malicious software tool. Installed those and it's not been good since. Cannot locate the two KB updates to remove them.

Help please. Can't attach as cannot access from that computer.

4
Computer Problems, Questions and Solutions! / Protecting a WinXP Machine
« on: October 13, 2014, 11:32:17 PM »
Hello all,

I have a desktop machine that has WinXP Pro at the moment, SP3.

I frankly cannot afford to load a new OS right now and want to use the machine and it needs to have net access for my purposes (VOIP).

What software do I need to use to protect it until I can upgrade?

5
Analysis and Malware Removal / Adware issue in Win8.1-Lenovo
« on: March 17, 2014, 02:00:48 AM »
New computer, week old, problem already. :(

Thanks in advance.

Click on a new screen and it brings up some kind of new tab in FF, something about "FastDailyFinds". Now it's "OnLineWebFind". Aggravating.

I've installed SpywareBlaster and MalwareBytes. Scanned with MWB and found a bunch of things from something called PlurPush. Like 130 instances, all preceded by "PUP.". Deleted.

Went to the instructions on how to post. DDS will not run. Says it's not meant to run in Compatibility Mode. Must not like 8.1.

Ran SecurityCheck:

 Results of screen317's Security Check version 0.99.80 
   x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
McAfee Anti-Virus and Anti-Spyware   
Windows Defender                     
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0   
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Adobe Flash Player    12.0.0.70 
 Mozilla Firefox (27.0.1)
````````Process Check: objlist.exe by Laurent````````
 WinPatrol winpatrol.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 BillP Studios WinPatrol WinPatrol.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

6
What a mess! New computer, just purchased, just set up in a very foreign OS 8.1.

Set up late last night and to the best of my knowledge, I did not add a system password, but when the computer woke up this am, it's demanding a PW. Arrrgh.

Microsoft.com says "use your password recovery disk". So, what if said disk was never created?

HELP!!

7
Something new and less frantic.

My laptop runs Windows 7 and is wireless. My honey's machine is a desktop using XP and has a nice little Samsung ML-2510 laser printer. For a while, I could painlessly print to that printer, no problem.

Some time ago (we cannot pinpoint when) something happened. I think it may have happened when we had to play router games. At any rate, I no longer seem to have any ability to print directly to her printer. Looking on my Win7 machine, I can see permissions and one of the ones that seems to apply to me says that I don't have the ability to wake up her sleeping printer. I don't know if that's the issue or not, but I need to figure out how to gain permissions for that printer from my machine so I can wake it, I think.

I cannot figure out where there are any permissions for the machine in XP. I could find permissions for folders, but not for the printer.  :(

 :sos:

8
Somewhere about the time I updated to FF22, I started to experience frequent "visits" by pop-ups, new FF windows opening, new FF tabs opening. I believe that I also was requested to update Flash at that time and then again a couple of more times since then. There have been warnings that my FF (currently 23.0.1) was out of date. I did update when it was suggested. No help on the "visitors" front. I ran Malwarebytes this morning and it removed 60 or 66 objects (I saved the log). Thanks in advance for your help.
========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16502  BrowserJavaVersion: 10.25.2
Run by Deanszf at 13:26:31 on 2013-08-29
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3546.2049 [GMT -5:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Nuance\dgnsvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: SelectionLinks: {1C8501DD-5580-48AB-B25C-6D5DBE835A6A} - c:\program files\oapps\SelectionLinks.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\20.4.0.40\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\20.4.0.40\coieplg.dll
uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking11\ereg\ereg.exe" -r "c:\programdata\nuance\naturallyspeaking11\Ereg.ini"
mRun: [SSDMonitor] c:\program files\symantec\norton utilities 16\smonitor\SSDMonitor.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
TCP: NameServer = 209.18.47.61 209.18.47.62 192.168.1.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{88B0FCA9-AB75-498D-9147-A9C119EBAEE3} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{88B0FCA9-AB75-498D-9147-A9C119EBAEE3}\34F4D464F4254502230353 : DHCPNameServer = 64.65.196.6 64.65.208.6 8.8.8.8
TCP: Interfaces\{88B0FCA9-AB75-498D-9147-A9C119EBAEE3}\355485950244F4C4058494E4 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{88B0FCA9-AB75-498D-9147-A9C119EBAEE3}\C696E6B6379737 : DHCPNameServer = 75.75.76.76 75.75.75.75
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\deanszf\appdata\roaming\mozilla\firefox\profiles\1pq0i6wu.default\
FF - prefs.js: browser.startup.homepage - hxxp://zionfire.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/?d=4dc3949e&i=23&tp=ab&nt=1&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\musicnotes\npmusicn.dll
FF - plugin: c:\program files\musicnotes\NPSibelius.dll
FF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\users\deanszf\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - ExtSQL: 2013-07-16 20:47; {D7749E94-5FAD-4836-91B0-9FAA427A34F3}; c:\users\deanszf\appdata\roaming\mozilla\firefox\profiles\1pq0i6wu.default\extensions\{D7749E94-5FAD-4836-91B0-9FAA427A34F3}
FF - ExtSQL: 2013-07-20 23:11; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\deanszf\appdata\roaming\mozilla\firefox\profiles\1pq0i6wu.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2013-08-04 01:32; plugin@getwebcake.com; c:\users\deanszf\appdata\roaming\mozilla\firefox\profiles\1pq0i6wu.default\extensions\plugin@getwebcake.com
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);
user_pref('security.csp.enable', false);
user_pref('security.OCSP.enabled', 0);
user_pref('extensions.blocklist.enabled', false);
FF - user.js: extentions.webcake.installId - 0e70866e-aa3b-40ce-b982-955a58e0f8dd
FF - user.js: extentions.webcake.defaultEnableAppsList - layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1404000.028\symds.sys [2013-6-13 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1404000.028\symefa.sys [2013-6-13 934488]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.3.1.22\definitions\bashdefs\20130715.001\BHDrvx86.sys [2013-7-16 1002072]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1404000.028\ccsetx86.sys [2013-6-13 134744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.3.1.22\definitions\ipsdefs\20130828.001\IDSvix86.sys [2013-8-29 392792]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1404000.028\ironx86.sys [2013-6-13 175264]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nis\1404000.028\symnets.sys [2013-6-13 339544]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 DragonSvc;Dragon Service;c:\program files\common files\nuance\dgnsvc.exe [2011-6-5 296808]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-7-17 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-7-17 701512]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\20.4.0.40\ccsvchst.exe [2013-6-13 144368]
R2 NU16StartManagerSvc;Norton Utilities 16 Start Manager Service;c:\program files\symantec\norton utilities 16\smonitor\StartManSvc.exe [2013-5-1 792608]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-8-29 108120]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-7-17 22856]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 DiskDoctorService;Norton Disk Doctor Service;c:\program files\symantec\norton utilities 16\tools\disk doctor\DiskDoctorSrv.exe [2013-5-1 1147424]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-2-17 14848]
S3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\drivers\ser2pl.sys [2013-2-22 134144]
S3 SpeedDiskService;Norton SpeedDisk Service;c:\program files\symantec\norton utilities 16\tools\speeddisk\SpeedDiskSrv.exe [2013-5-1 1160224]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-2-17 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-12-27 1343400]
.
=============== Created Last 30 ================
.
2013-08-29 17:13:53   1620992   ----a-w-   c:\windows\system32\WMVDECOD.DLL
2013-08-29 17:13:51   175104   ----a-w-   c:\windows\system32\wintrust.dll
2013-08-29 17:13:51   140288   ----a-w-   c:\windows\system32\cryptsvc.dll
2013-08-29 17:13:51   1166848   ----a-w-   c:\windows\system32\crypt32.dll
2013-08-29 17:13:51   103936   ----a-w-   c:\windows\system32\cryptnet.dll
2013-08-29 17:11:48   3913664   ----a-w-   c:\windows\system32\ntoskrnl.exe
2013-08-29 17:11:47   3968960   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2013-08-29 17:11:46   1289096   ----a-w-   c:\windows\system32\ntdll.dll
2013-08-29 17:11:40   652800   ----a-w-   c:\windows\system32\rpcrt4.dll
2013-08-29 17:11:39   1293760   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2013-08-29 17:11:36   2048   ----a-w-   c:\windows\system32\tzres.dll
2013-08-29 17:10:26   31232   ----a-w-   c:\windows\system32\drivers\tssecsrv.sys
2013-08-11 12:17:07   --------   d-----w-   c:\users\deanszf\appdata\roaming\Movdap
2013-08-11 12:17:06   --------   d-----w-   c:\program files\Movdap
2013-08-04 06:32:34   --------   d-----w-   c:\users\deanszf\appdata\roaming\Web Cake
2013-08-04 00:21:31   --------   d-----w-   c:\users\deanszf\appdata\local\CrashDumps
.
==================== Find3M  ====================
.
2013-08-21 16:21:59   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-21 16:21:59   692104   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-07-25 02:32:35   1800704   ----a-w-   c:\windows\system32\jscript9.dll
2013-07-25 02:26:10   1129472   ----a-w-   c:\windows\system32\wininet.dll
2013-07-25 02:25:30   1427968   ----a-w-   c:\windows\system32\inetcpl.cpl
2013-07-25 02:23:59   142848   ----a-w-   c:\windows\system32\ieUnatt.exe
2013-07-25 02:23:58   420864   ----a-w-   c:\windows\system32\vbscript.dll
2013-07-25 02:22:35   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2013-07-19 20:50:21   94632   ----a-w-   c:\windows\system32\WindowsAccessBridge.dll
2013-07-19 20:50:20   867240   ----a-w-   c:\windows\system32\npdeployJava1.dll
2013-07-19 20:50:20   789416   ----a-w-   c:\windows\system32\deployJava1.dll
2013-06-17 23:13:15   142496   ----a-w-   c:\windows\system32\drivers\SYMEVENT.SYS
2013-06-05 03:05:09   2347520   ----a-w-   c:\windows\system32\win32k.sys
2013-06-04 04:53:07   509440   ----a-w-   c:\windows\system32\qedit.dll
.
============= FINISH: 13:27:11.64 ===============

and

 Results of screen317's Security Check version 0.99.73 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0   
 Malwarebytes Anti-Malware version 1.75.0.1300 
 AVG PC Tuneup 2011 
 Java 7 Update 25 
 Adobe Flash Player    11.8.800.94 
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
 Mozilla Firefox (Firefox,. Firefox out of Date! 
````````Process Check: objlist.exe by Laurent````````
 Norton ccSvcHst.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````




9
Security Software Programs / Win7, protection strategy desired
« on: February 20, 2012, 07:38:47 PM »
I'm currently running Win7, SP2 on my laptop and have been using AVG2012, the free edition for the moment. I feel as though I am at a minimum under-protected and most days I feel both at risk and severely slowed down because of AVG issues.

I'm totally looking for opinions for options, but I really want to know the "why" of the choices, not just the what.

I'm not really a gamer, only the occasional cross-word or Sudoku or an MS single user puzzle. Mostly, I research whatever it is I'm studying at the moment.

I run FireFox 10 and Live Messenger all the time. I find that typing even a simple post like this gets delayed every few seconds by a pause of 3 to 10 seconds. I blame it on AVG, but have no evidence.

I'm considering going back to my familiar comfort zone of Norton/Symantec for anti-vi, but wondering if I also need mal-ware watchers or whatever other sorts of "watchers". Again, looking for supported statements, not just faves.

Thanks in advance.

10
Analysis and Malware Removal / Win7Pro, 2-14 Update problems
« on: February 20, 2012, 02:24:45 AM »
I'm thrilled to be back in the presence of greatness. I so appreciate the many volunteers who have assisted here and at AdAware and elsewhere. The help that I've received before from AdAware and HiJackThis and  has saved my bacon more than once. So, thanks in advance and KUDOS to y'all. :Hammys pint:

I have Win7Pro, SP1. It was a fresh install in January 2011, completely updated at that time. MS Office 2003 was loaded next, again with all updates. Then AVG was added. That was upgraded to AVG2012 earlier this month.

When the 2/14 update was made available, it did not completely finalize the update. On 2/15 and 2/16, the updater asked if I wanted to restart. I did restart each time and both times it did not complete the update. On 2/17, the updater did not ask, it just restarted the machine. Since that time, I've not been able to run ANYTHING in normal windows mode. I am currently able to run only in Safe Mode w/networking. Everything in normal mode freezes before loading or in mid-action.

I did not in any way edit the various txt files and think that I've provided all requested info.

After all of this is over, I am seriously considering ditching AVG as my anti-virus and going back to Symantec/Norton AV. I'd love to hear your thoughts. (should that be a separate topic?? :confused: )

CHECKUP:

 Results of screen317's Security Check version 0.99.31 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 9 
``````````````````````````````
Antivirus/Firewall Check:

 Windows Security Center service is not running! This report may not be accurate!
 Windows Firewall Enabled! 
 AVG 2012     
 AVG PC Tuneup 2011   
 MuseScore 1.1 MuseScore score typesetter 
 WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

 SUPERAntiSpyware     
 AVG PC Tuneup 2011 
 Java(TM) 6 Update 20 
 Java(TM) 6 Update 29 
 Java version out of date!
 Adobe Flash Player    11.1.102.55 
 Adobe Reader X (10.1.2)
 Mozilla Firefox (Firefox,.. Firefox out of Date! 
````````````````````````````````
Process Check: 
objlist.exe by Laurent

``````````End of Log````````````

LOG.TXT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Deanszf at 2012-02-19 21:36:34
Microsoft Windows 7 Professional  Service Pack 1
System drive C: has 251 GB (82%) free of 305 GB
Total RAM: 3546 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:37:11 PM, on 2/19/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Deanszf\Downloads\RSIT.exe
C:\Program Files\trend micro\Deanszf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files\Common Files\Nuance\dgnsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

--
End of file - 5817 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Deanszf\AppData\Roaming\Mozilla\Firefox\Profiles\1pq0i6wu.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "http://zionfire.com/"
prefs.js - "extensions.enabledItems" -  "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10, {578e7caa-210f-4967-a0d3-88fe5b59a39f}:0.8.5, {C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}:0.6.0.10, {1C7CCF7A-ECB8-4CE5-B5D1-A4FA477A7242}:0.3.6, {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.5, {5546F97E-11A5-46b0-9082-32AD74AAA920}:0.6.3, rehostimage@engy.us:1.5.3, {3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4, {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110704, {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.9.4.3, {89f8dde0-010a-11da-8cd6-0800200c9a66}:1.0.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, amznUWL2@amazon.com:1.7, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, savedpasswordeditor@daniel.dawson:2.2.5, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1829, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"
prefs.js - "keyword.URL" -  "http://search.avg.com/?d=4dc3949e&i=23&tp=ab&nt=1&q="

"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files\Musicnotes\npmusicn.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Sibelius.com/Scorch Plugin]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files\Musicnotes\npsibelius.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFFICE.DLL
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
avg_igeared.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

C:\Users\Deanszf\AppData\Roaming\Mozilla\Firefox\Profiles\1pq0i6wu.default\extensions\
{1C7CCF7A-ECB8-4CE5-B5D1-A4FA477A7242}
{3EC9C995-8072-4fc0-953E-4F30620D17F3}
{5546F97E-11A5-46b0-9082-32AD74AAA920}
{578e7caa-210f-4967-a0d3-88fe5b59a39f}
{89f8dde0-010a-11da-8cd6-0800200c9a66}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{ada4b710-8346-4b82-8199-5de2b400a6ae}
{C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}
{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-04-05 288040]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"DNS7reminder"=C:\Program Files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe [2010-10-27 328992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2011-06-05 222496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"msacm.trspch"=tssoft32.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.pspgru"=pspgru.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-02-19 21:36:34 ----D---- C:\rsit
2012-02-19 21:36:34 ----D---- C:\Program Files\trend micro
2012-02-17 22:14:52 ----N---- C:\bootsqm.dat
2012-02-17 09:52:03 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-17 09:52:02 ----A---- C:\Windows\system32\jscript.dll
2012-02-17 09:52:02 ----A---- C:\Windows\system32\iertutil.dll
2012-02-17 09:52:01 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-17 09:52:01 ----A---- C:\Windows\system32\jscript9.dll
2012-02-17 09:52:00 ----A---- C:\Windows\system32\wininet.dll
2012-02-17 09:52:00 ----A---- C:\Windows\system32\url.dll
2012-02-17 09:52:00 ----A---- C:\Windows\system32\ieui.dll
2012-02-17 09:51:58 ----A---- C:\Windows\system32\mshtml.dll
2012-02-17 09:51:57 ----A---- C:\Windows\system32\urlmon.dll
2012-02-17 09:51:57 ----A---- C:\Windows\system32\ieframe.dll
2012-02-16 00:49:42 ----D---- C:\Program Files\ReflexiveArcade
2012-02-15 11:11:23 ----A---- C:\Windows\ntbtlog.txt
2012-02-14 21:50:02 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-14 21:50:00 ----A---- C:\Windows\system32\shell32.dll
2012-02-14 21:50:00 ----A---- C:\Windows\system32\ntshrui.dll
2012-02-14 21:49:59 ----A---- C:\Windows\system32\win32k.sys
2012-02-05 07:23:49 ----D---- C:\Program Files\MSXML 4.0
2012-02-04 23:20:49 ----A---- C:\Users\Deanszf\AppData\Roaming\SAS7_000.DAT
2012-02-04 23:01:30 ----D---- C:\Users\Deanszf\AppData\Roaming\Nuance
2012-02-04 13:06:06 ----D---- C:\Users\Deanszf\AppData\Roaming\FLEXnet
2012-02-04 13:04:24 ----D---- C:\Program Files\Common Files\IVA
2012-02-04 13:04:02 ----D---- C:\Program Files\Common Files\Nuance
2012-02-04 12:59:36 ----D---- C:\ProgramData\Nuance
2012-02-04 12:59:36 ----D---- C:\Program Files\Nuance
2012-01-26 22:21:01 ----D---- C:\ProgramData\FLEXnet
2012-01-26 22:20:25 ----D---- C:\Program Files\Common Files\Macrovision Shared
2012-01-26 22:20:07 ----RA---- C:\Windows\system32\AdobePDFUI.dll

======List of files/folders modified in the last 1 month======

2012-02-19 21:37:07 ----D---- C:\Windows\Temp
2012-02-19 21:36:34 ----RD---- C:\Program Files
2012-02-19 14:49:09 ----D---- C:\Windows\system32\config
2012-02-19 14:49:01 ----D---- C:\Windows\system32\drivers\AVG
2012-02-18 00:11:20 ----D---- C:\Windows\Microsoft.NET
2012-02-18 00:06:42 ----D---- C:\Windows\system32\catroot2
2012-02-18 00:06:26 ----D---- C:\Windows\Minidump
2012-02-18 00:06:21 ----D---- C:\Windows
2012-02-17 23:23:01 ----D---- C:\Windows\Prefetch
2012-02-17 23:16:21 ----D---- C:\Program Files\Mozilla Firefox
2012-02-17 21:49:57 ----RSD---- C:\Windows\assembly
2012-02-17 21:47:35 ----D---- C:\ProgramData\MFAData
2012-02-17 21:43:31 ----D---- C:\Windows\winsxs
2012-02-17 21:41:50 ----SHD---- C:\System Volume Information
2012-02-17 21:38:32 ----D---- C:\Windows\System32
2012-02-17 21:38:30 ----D---- C:\Windows\system32\migration
2012-02-17 21:38:28 ----D---- C:\Program Files\Internet Explorer
2012-02-16 10:27:27 ----SHD---- C:\Windows\Installer
2012-02-16 10:26:35 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-15 10:35:01 ----D---- C:\BB
2012-02-15 10:26:38 ----A---- C:\Windows\system32\MRT.exe
2012-02-15 10:23:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-15 10:23:09 ----D---- C:\Windows\inf
2012-02-15 10:21:35 ----D---- C:\Windows\system32\catroot
2012-02-15 10:20:52 ----A---- C:\Windows\win.ini
2012-02-11 00:55:12 ----AD---- C:\ProgramData\TEMP
2012-02-04 13:05:57 ----D---- C:\Windows\Speech
2012-02-04 13:04:24 ----D---- C:\Program Files\Common Files
2012-02-04 12:59:36 ----HD---- C:\ProgramData
2012-01-29 05:10:42 ----N---- C:\Windows\system32\MpSigStub.exe
2012-01-27 10:38:35 ----D---- C:\Users\Deanszf\AppData\Roaming\Adobe
2012-01-26 22:20:26 ----D---- C:\ProgramData\Adobe
2012-01-26 22:20:26 ----D---- C:\Program Files\Common Files\Adobe
2012-01-26 22:20:17 ----D---- C:\Windows\system32\DriverStore
2012-01-26 22:18:15 ----RSD---- C:\Windows\Fonts
2012-01-26 22:17:11 ----D---- C:\Program Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-06-15 461080]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 48128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-04-15 252536]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-07 2506232]
R3 vpcbus;Virtual PC Host Bus Service; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 172416]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 296064]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-13 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-13 53312]
S3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
S3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
S3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-13 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-13 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-13 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vpcusb;USB Virtualization Connector Service; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 78336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S2 DragonSvc;Dragon Service; C:\Program Files\Common Files\Nuance\dgnsvc.exe [2011-06-05 296808]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-26 651720]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-27 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-27 1343400]

-----------------EOF-----------------

INFO.TXT

info.txt logfile of random's system information tool 1.09 2012-02-19 21:37:13

======Uninstall list======

Adobe Acrobat  9 Standard - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-BA7E-000000000004}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Reader X (10.1.2)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Amazon MP3 Downloader 1.0.12-->C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe
AmpliTube X-GEAR-->C:\Program Files\InstallShield Installation Information\{21E77392-C30A-4AA2-8CA7-5728316939D6}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
Apple Application Support-->MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
AVG 2012-->"C:\Program Files\AVG\AVG2012\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2012-->MsiExec.exe /I{083E0D59-B6B4-4570-AA0A-37F5B4526CF5}
AVG 2012-->MsiExec.exe /I{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}
AVG PC Tuneup 2011-->"C:\Program Files\AVG\AVG PC Tuneup 2011\unins000.exe"
Band-in-a-Box Server-->"C:\bb\BBHelper\unins000.exe"
Calorie Balance Tracker 4.0.8-->C:\Program Files\Calorie Balance Tracker\uninst.exe
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CoyoteWT 1.1-->"C:\Program Files\Coyote\CoyoteWT\unins000.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Dragon NaturallySpeaking 11-->MsiExec.exe /I{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}
Intel(R) Rapid Storage Technology-->C:\Program Files\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020F0}
Java(TM) 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Mozilla Firefox 10.0.2 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MuseScore 1.1 MuseScore score typesetter-->C:\Program Files\MuseScore\Uninstall.exe
Musicnotes Software Suite 1.5.5-->"C:\Program Files\Musicnotes\unins000.exe"
openlp.org 1.2.8-->"C:\Program Files\openlp.org\unins000.exe"
OpenOffice.org 3.2-->MsiExec.exe /I{5A13987D-55F4-4271-A40E-76AC9B1B38FD}
PDF-Viewer-->"C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
PG Music DirectX Plugins 2.0.0.0-->"C:\Program Files\PowerTracks DirectX Plugins\unins000.exe"
QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}
RealTracks Shots and Holds 1-->"C:\bb\uninstall\unins006.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Sibelius Scorch (Firefox, Opera, Netscape only)-->MsiExec.exe /I{10ABE49D-343A-463E-9753-C4C5A05ECEF9}
SmartFTP Client 4.0 Setup Files (remove only)-->C:\Program Files\SmartFTP Client 4.0 Setup Files\uninst-sftp.exe
SmartFTP Client-->MsiExec.exe /X{A78DC0F4-E093-4715-9843-06053F43A8C3}
SONAR X1 Essential-->"C:\Program Files\Cakewalk\SONAR X1 Essential\unins000.exe"
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
TSP_CODEC-->C:\Program Files\Bytescribe\TSP_CODEC\Uninst.exe /pid:{A90C03D6-08E1-4C59-B93B-6919A6C0AC19} /asd
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking-->MsiExec.exe /I{4A5A427F-BA39-4BF0-9999-9A47FBE60C9F}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Messenger-->MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows XP Mode-->MsiExec.exe /X{1374CC63-B520-4f3f-98E8-E9020BF01CFF}

======System event log======

Computer Name: DeanZF-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Ide\IdePort0.
Record Number: 96308
Source Name: atapi
Time Written: 20110809151906.089182-000
Event Type: Error
User:

Computer Name: DeanZF-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Ide\IdePort0.
Record Number: 96307
Source Name: atapi
Time Written: 20110809151906.089182-000
Event Type: Error
User:

Computer Name: DeanZF-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Ide\IdePort0.
Record Number: 96306
Source Name: atapi
Time Written: 20110809151906.089182-000
Event Type: Error
User:

Computer Name: DeanZF-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Ide\IdePort0.
Record Number: 96305
Source Name: atapi
Time Written: 20110809151906.089182-000
Event Type: Error
User:

Computer Name: DeanZF-PC
Event Code: 7026
Message: The following boot-start or system-start driver(s) failed to load:
discache
Record Number: 96296
Source Name: Service Control Manager
Time Written: 20110809151853.999161-000
Event Type: Error
User:

=====Application event log=====

Computer Name: Deanszf-PC
Event Code: 11935
Message: Product: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.4148",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {A75F2217-AD54-3EA6-AE14-F255F8660531}
Record Number: 227
Source Name: MsiInstaller
Time Written: 20101227163108.000000-000
Event Type: Error
User: DEANZF-PC\Deanszf

Computer Name: Deanszf-PC
Event Code: 1015
Message: Failed to connect to server. Error: 0x800401F0
Record Number: 222
Source Name: MsiInstaller
Time Written: 20101227163052.000000-000
Event Type: Warning
User: DEANZF-PC\Deanszf

Computer Name: Deanszf-PC
Event Code: 1015
Message: Failed to connect to server. Error: 0x800401F0
Record Number: 217
Source Name: MsiInstaller
Time Written: 20101227162550.000000-000
Event Type: Warning
User: DEANZF-PC\Deanszf

Computer Name: Deanszf-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

 DETAIL -
 1 user registry handles leaked from \Registry\User\S-1-5-21-562926445-1954571338-4195596783-1000:
Process 420 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-562926445-1954571338-4195596783-1000

Record Number: 197
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101227161849.033673-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Deanszf-PC
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

Record Number: 121
Source Name: Microsoft-Windows-Search
Time Written: 20101228041450.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: DeanZF-PC
Event Code: 1100
Message: The event logging service has shut down.
Record Number: 13502
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110424122354.959443-000
Event Type: Audit Success
User:

Computer Name: DeanZF-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
   Security ID:      S-1-5-18
   Account Name:      SYSTEM
   Account Domain:      NT AUTHORITY
   Logon ID:      0x3e7

Privileges:      SeAssignPrimaryTokenPrivilege
         SeTcbPrivilege
         SeSecurityPrivilege
         SeTakeOwnershipPrivilege
         SeLoadDriverPrivilege
         SeBackupPrivilege
         SeRestorePrivilege
         SeDebugPrivilege
         SeAuditPrivilege
         SeSystemEnvironmentPrivilege
         SeImpersonatePrivilege
Record Number: 13501
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110424122347.892630-000
Event Type: Audit Success
User:

Computer Name: DeanZF-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
   Security ID:      S-1-5-18
   Account Name:      DEANZF-PC$
   Account Domain:      WORKGROUP
   Logon ID:      0x3e7

Logon Type:         5

New Logon:
   Security ID:      S-1-5-18
   Account Name:      SYSTEM
   Account Domain:      NT AUTHORITY
   Logon ID:      0x3e7
   Logon GUID:      {00000000-0000-0000-0000-000000000000}

Process Information:
   Process ID:      0x274
   Process Name:      C:\Windows\System32\services.exe

Network Information:
   Workstation Name:   
   Source Network Address:   -
   Source Port:      -

Detailed Authentication Information:
   Logon Process:      Advapi 
   Authentication Package:   Negotiate
   Transited Services:   -
   Package Name (NTLM only):   -
   Key Length:      0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
   - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
   - Transited services indicate which intermediate services have participated in this logon request.
   - Package name indicates which sub-protocol was used among the NTLM protocols.
   - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 13500
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110424122347.892630-000
Event Type: Audit Success
User:

Computer Name: DeanZF-PC
Event Code: 4647
Message: User initiated logoff:

Subject:
   Security ID:      S-1-5-21-562926445-1954571338-4195596783-1000
   Account Name:      Deanszf
   Account Domain:      DEANZF-PC
   Logon ID:      0x14d71

This event is generated when a logoff is initiated. No further user-initiated activity can occur. This event can be interpreted as a logoff event.
Record Number: 13499
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110424122347.128229-000
Event Type: Audit Success
User:

Computer Name: DeanZF-PC
Event Code: 5061
Message: Cryptographic operation.

Subject:
   Security ID:      S-1-5-18
   Account Name:      DEANZF-PC$
   Account Domain:      WORKGROUP
   Logon ID:      0x3e7

Cryptographic Parameters:
   Provider Name:   Microsoft Software Key Storage Provider
   Algorithm Name:   RSA
   Key Name:   {61D33043-3C50-44BA-B0C9-2E41916C11D9}
   Key Type:   Machine key.

Cryptographic Operation:
   Operation:   Open Key.
   Return Code:   0x0
Record Number: 13498
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110424120919.794847-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

DDS.TXT

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_29
Run by Deanszf at 21:48:20 on 2012-02-19
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3546.2648 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Deanszf\Desktop\SecurityCheck.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\notepad.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking11\ereg\ereg.exe" -r "c:\programdata\nuance\naturallyspeaking11\Ereg.ini"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{88B0FCA9-AB75-498D-9147-A9C119EBAEE3} : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{88B0FCA9-AB75-498D-9147-A9C119EBAEE3}\137373630425164696F6 : DhcpNameServer = 192.168.10.1
TCP: Interfaces\{88B0FCA9-AB75-498D-9147-A9C119EBAEE3}\46C696E6B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{88B0FCA9-AB75-498D-9147-A9C119EBAEE3}\A55627F677962756 : DhcpNameServer = 208.67.222.222 208.67.220.220 4.2.2.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\deanszf\appdata\roaming\mozilla\firefox\profiles\1pq0i6wu.default\
FF - prefs.js: browser.startup.homepage - hxxp://zionfire.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/?d=4dc3949e&i=23&tp=ab&nt=1&q=
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff5.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff6.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff7.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\musicnotes\npmusicn.dll
FF - plugin: c:\program files\musicnotes\NPSibelius.dll
FF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\users\deanszf\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 DragonSvc;Dragon Service;c:\program files\common files\nuance\dgnsvc.exe [2011-6-5 296808]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-1 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-12-27 1343400]
.
=============== Created Last 30 ================
.
2012-02-20 03:36:34   --------   d-----w-   c:\program files\trend micro
2012-02-19 21:15:19   56200   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{2fff8926-c54e-46f0-aca8-9cc638100564}\offreg.dll
2012-02-19 21:09:53   6273872   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-02-19 21:09:50   6557240   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{2fff8926-c54e-46f0-aca8-9cc638100564}\mpengine.dll
2012-02-19 02:40:34   --------   d-----w-   c:\users\deanszf\appdata\local\{9A008C79-8297-40D2-9BBE-35CB52C62ACF}
2012-02-19 02:40:24   --------   d-----w-   c:\users\deanszf\appdata\local\{0BAC75BA-AFB3-419B-B69C-D65AA572F2C6}
2012-02-17 16:32:50   --------   d-----w-   c:\users\deanszf\appdata\local\{2DAA52A8-3BF7-4FA2-A37B-673C060DCF0A}
2012-02-17 16:32:40   --------   d-----w-   c:\users\deanszf\appdata\local\{91320E5E-ED1A-4686-8A1A-A8A75C585027}
2012-02-17 15:52:03   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2012-02-17 15:52:02   141112   ----a-w-   c:\program files\internet explorer\sqmapi.dll
2012-02-17 15:52:01   194048   ----a-w-   c:\program files\internet explorer\IEShims.dll
2012-02-17 15:52:01   1798656   ----a-w-   c:\windows\system32\jscript9.dll
2012-02-17 15:52:00   1127424   ----a-w-   c:\windows\system32\wininet.dll
2012-02-17 15:51:59   678912   ----a-w-   c:\program files\internet explorer\iedvtool.dll
2012-02-17 15:51:57   1427456   ----a-w-   c:\windows\system32\inetcpl.cpl
2012-02-17 04:32:28   --------   d-----w-   c:\users\deanszf\appdata\local\{4FE8F7BE-E7C8-418A-9528-B642EDF5CA4A}
2012-02-17 04:32:17   --------   d-----w-   c:\users\deanszf\appdata\local\{5688EF1B-39FF-4E31-981D-6D5655C9572F}
2012-02-16 16:31:52   --------   d-----w-   c:\users\deanszf\appdata\local\{C0B608E7-6E68-4D2B-9EC9-FDFFB8BE625C}
2012-02-16 16:31:41   --------   d-----w-   c:\users\deanszf\appdata\local\{E080D129-29D5-4906-9768-074A8517572D}
2012-02-16 06:49:42   --------   d-----w-   c:\program files\ReflexiveArcade
2012-02-16 04:31:29   --------   d-----w-   c:\users\deanszf\appdata\local\{C9ABE47B-344B-4939-925C-80E2AE53E0FE}
2012-02-16 04:31:19   --------   d-----w-   c:\users\deanszf\appdata\local\{6DED878D-6B94-455B-B10F-314AB9D9FC84}
2012-02-15 16:30:54   --------   d-----w-   c:\users\deanszf\appdata\local\{226B2AE3-EAB8-4F69-AAEB-7F13E0738529}
2012-02-15 16:29:19   --------   d-----w-   c:\users\deanszf\appdata\local\{716398BB-9B42-4FE4-A3EE-7FD957E5A25F}
2012-02-15 04:28:20   --------   d-----w-   c:\users\deanszf\appdata\local\{03DBED07-5C1E-4249-80D8-108A0CE157F4}
2012-02-15 04:28:09   --------   d-----w-   c:\users\deanszf\appdata\local\{7105EA50-A77D-42DE-AF15-BA6E88FA4E90}
2012-02-15 03:50:09   478720   ----a-w-   c:\windows\system32\timedate.cpl
2012-02-15 03:50:02   690688   ----a-w-   c:\windows\system32\msvcrt.dll
2012-02-15 03:50:00   442880   ----a-w-   c:\windows\system32\ntshrui.dll
2012-02-15 03:49:59   2343424   ----a-w-   c:\windows\system32\win32k.sys
2012-02-14 16:27:58   --------   d-----w-   c:\users\deanszf\appdata\local\{11E6C629-11A4-4B71-9134-FECB131C6CCE}
2012-02-14 16:27:48   --------   d-----w-   c:\users\deanszf\appdata\local\{82324B76-9B02-45DC-B4F1-758575C8AA39}
2012-02-14 04:09:00   --------   d-----w-   c:\users\deanszf\appdata\local\{40ED77DC-5424-43A3-800A-C80781B2F3B1}
2012-02-14 04:08:49   --------   d-----w-   c:\users\deanszf\appdata\local\{8B5486AD-B954-4980-875E-943BFF940A40}
2012-02-13 16:08:37   --------   d-----w-   c:\users\deanszf\appdata\local\{7E749C52-CF4A-426C-83E2-666AEC98CBE2}
2012-02-13 16:08:27   --------   d-----w-   c:\users\deanszf\appdata\local\{68384653-BE9E-489D-AEC3-BCE1F0606756}
2012-02-13 03:32:38   --------   d-----w-   c:\users\deanszf\appdata\local\{860CCECD-0F13-4E27-A689-D5AEE3CE8571}
2012-02-13 03:32:28   --------   d-----w-   c:\users\deanszf\appdata\local\{73483A00-7842-4DF2-ADA0-E215803F380F}
2012-02-12 21:23:11   --------   d-----w-   c:\users\deanszf\appdata\local\{205A25EF-D324-455F-839E-CE99955148A6}
2012-02-12 06:13:58   --------   d-----w-   c:\users\deanszf\appdata\local\{158E515B-3028-4C64-9D35-655942816E4E}
2012-02-12 06:13:47   --------   d-----w-   c:\users\deanszf\appdata\local\{7732C155-BF5F-43B0-A0F2-B32FFD379ED7}
2012-02-11 18:07:26   --------   d-----w-   c:\users\deanszf\appdata\local\{7F766E60-4AA0-44A1-BB2A-11E8906E7A3C}
2012-02-11 18:07:18   --------   d-----w-   c:\users\deanszf\appdata\local\{2A5CF97F-5484-425F-B069-C28F0DC35EC9}
2012-02-11 05:08:30   --------   d-----w-   c:\users\deanszf\appdata\local\{F1BFB50F-C501-4722-BB91-3E8D5B580475}
2012-02-11 05:08:16   --------   d-----w-   c:\users\deanszf\appdata\local\{468A8932-74C7-4989-8B44-7D1DFE04D71C}
2012-02-10 05:08:36   --------   d-----w-   c:\users\deanszf\appdata\local\{F61D4277-0833-414B-B0BA-F7B413BDFCE0}
2012-02-10 05:08:26   --------   d-----w-   c:\users\deanszf\appdata\local\{746C6CF3-5D20-47EC-A5AE-915980DBF886}
2012-02-09 17:08:15   --------   d-----w-   c:\users\deanszf\appdata\local\{7EA29C6B-C3F2-405E-AF32-0014E60E6C21}
2012-02-09 17:08:04   --------   d-----w-   c:\users\deanszf\appdata\local\{CF566871-8471-4729-8ED9-B7BE3CB9702A}
2012-02-09 05:07:53   --------   d-----w-   c:\users\deanszf\appdata\local\{754679F0-EA6E-4338-8F16-B30FB5A9934F}
2012-02-09 05:07:42   --------   d-----w-   c:\users\deanszf\appdata\local\{2F04CBEF-2771-47B5-9727-636B240D78F5}
2012-02-08 17:07:31   --------   d-----w-   c:\users\deanszf\appdata\local\{0D883FBE-3C7B-48D9-BC2E-191A4FFA95AE}
2012-02-08 17:07:22   --------   d-----w-   c:\users\deanszf\appdata\local\{79661749-E5B7-451E-B318-9F8C943F7EFD}
2012-02-08 03:39:44   --------   d-----w-   c:\users\deanszf\appdata\local\{2E575AFC-E332-46E2-A8C0-E4E1D5F6156C}
2012-02-08 03:39:34   --------   d-----w-   c:\users\de
