Help for Ireland

Posted 1/6/2013 7:14 PM
#94948
User avatar

Irishguy 7 Member

Date Joined Nov 2016
Total Posts: 4
I have a popup problem in Google Chrome and I have followed the instructions in your page http://forum.bullguard.com/forum/9/Before-posting-a-log_43562.html <br/> <br/> <br/>I am attaching the files and I would appreciate any help! Many thanks <br/> <br/> <br/> <br/>HiJack this log <br/> <br/> <br/> <br/>Logfile of Trend Micro HijackThis v2.0.2 <br/>Scan saved at 19:01:40, on 06/01/2013 <br/>Platform: Unknown Windows (WinNT 6.01.3505 SP1) <br/>MSIE: Internet Explorer v9.00 (9.00.8112.16457) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\Windows\system32\taskhost.exe <br/>C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe <br/>C:\Windows\system32\Dwm.exe <br/>C:\Windows\Explorer.EXE <br/>C:\Program Files\TOSHIBA\Utilities\KeNotify.exe <br/>C:\Program Files\Toshiba TEMPRO\TemproTray.exe <br/>C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe <br/>C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe <br/>C:\Windows\System32\igfxtray.exe <br/>C:\Windows\System32\hkcmd.exe <br/>C:\Windows\System32\igfxpers.exe <br/>C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe <br/>C:\Windows\system32\igfxsrvc.exe <br/>C:\Windows\system32\taskeng.exe <br/>C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe <br/>C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe <br/>C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe <br/>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>C:\Program Files\TOSHIBA\TECO\TEco.exe <br/>C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe <br/>C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe <br/>C:\Program Files\Real\realplayer\Update\realsched.exe <br/>C:\Program Files\Synaptics\SynTP\SynTPHelper.exe <br/>C:\Windows\system32\igfxext.exe <br/>C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe <br/>C:\Program Files\Common Files\Java\Java Update\jusched.exe <br/>C:\PROGRA~1\AD-AWA~1\AdAware.exe <br/>C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe <br/>C:\Program Files\Windows Live\Messenger\msnmsgr.exe <br/>C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE <br/>C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe <br/>C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe <br/>C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe <br/>C:\Program Files\Trend Micro\HijackThis\HijackThis.exe <br/>C:\Windows\system32\SearchProtocolHost.exe <br/>C:\Windows\system32\SearchFilterHost.exe <br/> <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bubbleshooter.com/ <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = <br/>R3 - URLSearchHook: (no name) - {0fc85f5d-6207-4515-a490-45a549d285c0} - (no file) <br/>O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) <br/>O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll <br/>O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll <br/>O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll <br/>O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll <br/>O2 - BHO: Search Results Toolbar - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files\searchresults\searchresultsDx.dll <br/>O3 - Toolbar: Search Results Toolbar - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files\searchresults\searchresultsDx.dll <br/>O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL <br/>O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP <br/>O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe <br/>O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe <br/>O4 - HKLM\..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe <br/>O4 - HKLM\..\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe <br/>O4 - HKLM\..\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe <br/>O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe <br/>O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe <br/>O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe <br/>O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE <br/>O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe <br/>O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe <br/>O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe <br/>O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe <br/>O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe <br/>O4 - HKLM\..\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r <br/>O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60 <br/>O4 - HKLM\..\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe <br/>O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun <br/>O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe <br/>O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice <br/>O4 - HKLM\..\Run: [autoauto] c.bat <br/>O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot <br/>O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" <br/>O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" <br/>O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AA473VH05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 <br/>O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background <br/>O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') <br/>O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') <br/>O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') <br/>O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') <br/>O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM') <br/>O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user') <br/>O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') <br/>O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE <br/>O4 - Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe <br/>O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 <br/>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 <br/>O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html <br/>O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll <br/>O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll <br/>O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL <br/>O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll <br/>O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll <br/>O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics <br/>O13 - Gopher Prefix: <br/>O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab <br/>O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab <br/>O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=928 <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = surgery.local <br/>O17 - HKLM\Software\..\Telephony: DomainName = surgery.local <br/>O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = surgery.local <br/>O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = surgery.local <br/>O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL <br/>O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll <br/>O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe <br/>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe <br/>O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe <br/>O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe <br/>O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe <br/>O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <br/>O23 - Service: Support LogMeIn processes with quality assurance feedback (LMIGuardianSvc) - LogMeIn, Inc. - C:\Program Files\LogMeIn Ignition\LMIGuardianSvc.exe <br/>O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe <br/>O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe <br/>O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe <br/>O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe <br/>O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe <br/>O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe <br/>O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe <br/>O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe <br/>O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe <br/>O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe <br/>O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe <br/>O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe <br/>O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe <br/> <br/>-- <br/>End of file - 13692 bytes <br/> <br/> <br/>Malwarebytes log <br/> <br/> <br/> <br/>Malwarebytes Anti-Malware 1.70.0.1100 <br/>www.malwarebytes.org <br/> <br/>Database version: v2013.01.06.03 <br/> <br/>Windows 7 Service Pack 1 x86 NTFS <br/>Internet Explorer 9.0.8112.16421 <br/>Shay :: SHAY-TOSH [administrator] <br/> <br/>06/01/2013 16:53:32 <br/>mbam-log-2013-01-06 (16-53-32).txt <br/> <br/>Scan type: Full scan (C:\|D:\|) <br/>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM <br/>Scan options disabled: P2P <br/>Objects scanned: 368194 <br/>Time elapsed: 1 hour(s), 42 minute(s), <br/> <br/>Memory Processes Detected: 0 <br/>(No malicious items detected) <br/> <br/>Memory Modules Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Keys Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Values Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Data Items Detected: 0 <br/>(No malicious items detected) <br/> <br/>Folders Detected: 0 <br/>(No malicious items detected) <br/> <br/>Files Detected: 0 <br/>(No malicious items detected) <br/> <br/>(end) <br/> <br/> <br/> <br/> <br/> <br/> <br/>DDS Log <br/> <br/> <br/> <br/> <br/> <br/>DDS (Ver_2012-11-20.01) - NTFS_x86 <br/>Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2 <br/>Run by Shay at 18:42:08 on 2013-01-06 <br/>Microsoft Windows 7 Professional 6.1.7601.1.1252.353.1033.18.2909.1558 [GMT 0:00] <br/>. <br/>AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} <br/>AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7} <br/>SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} <br/>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A} <br/>FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC} <br/>. <br/>============== Running Processes ================ <br/>. <br/>C:\Windows\system32\wininit.exe <br/>C:\Windows\system32\lsm.exe <br/>C:\Windows\System32\spoolsv.exe <br/>C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe <br/>C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe <br/>C:\Program Files\LogMeIn Ignition\LMIGuardianSvc.exe <br/>C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe <br/>C:\Program Files\Toshiba TEMPRO\TemproSvc.exe <br/>C:\Windows\system32\TODDSrv.exe <br/>C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe <br/>C:\Program Files\TOSHIBA\TECO\TecoService.exe <br/>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE <br/>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe <br/>C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe <br/>C:\Windows\system32\taskhost.exe <br/>C:\Windows\system32\Dwm.exe <br/>C:\Windows\Explorer.EXE <br/>C:\Program Files\TOSHIBA\Utilities\KeNotify.exe <br/>C:\Program Files\Toshiba TEMPRO\TemproTray.exe <br/>C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe <br/>C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe <br/>C:\Windows\System32\igfxtray.exe <br/>C:\Windows\System32\hkcmd.exe <br/>C:\Windows\System32\igfxpers.exe <br/>C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe <br/>C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe <br/>C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe <br/>C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe <br/>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>C:\Windows\system32\igfxsrvc.exe <br/>C:\Program Files\TOSHIBA\TECO\TEco.exe <br/>C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe <br/>C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe <br/>C:\Windows\system32\taskeng.exe <br/>C:\Program Files\Common Files\Java\Java Update\jusched.exe <br/>C:\Program Files\Synaptics\SynTP\SynTPHelper.exe <br/>C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe <br/>C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe <br/>C:\Windows\system32\igfxext.exe <br/>C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE <br/>C:\Windows\system32\wbem\wmiprvse.exe <br/>C:\Program Files\Windows Media Player\wmpnetwk.exe <br/>C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe <br/>C:\Windows\system32\SearchIndexer.exe <br/>C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe <br/>C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe <br/>C:\Windows\system32\DllHost.exe <br/>C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe <br/>C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe <br/>C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe <br/>C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe <br/>C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe <br/>C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe <br/>C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe <br/>C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe <br/>C:\Program Files\Real\realplayer\update\realsched.exe <br/>C:\Windows\system32\conhost.exe <br/>C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe <br/>C:\Windows\system32\svchost.exe -k DcomLaunch <br/>C:\Windows\system32\svchost.exe -k RPCSS <br/>C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted <br/>C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k netsvcs <br/>C:\Windows\system32\svchost.exe -k LocalService <br/>C:\Windows\system32\svchost.exe -k NetworkService <br/>C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork <br/>C:\Windows\system32\svchost.exe -k imgsvc <br/>C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation <br/>C:\Windows\System32\svchost.exe -k LocalServicePeerNet <br/>. <br/>============== Pseudo HJT Report =============== <br/>. <br/>uStart Page = hxxp://bubbleshooter.com/ <br/>uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH <br/>uURLSearchHooks: {0fc85f5d-6207-4515-a490-45a549d285c0} - <orphaned> <br/>BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> <br/>BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll <br/>BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll <br/>BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll <br/>BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll <br/>BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll <br/>BHO: Search Results Toolbar: {fa63398e-322b-4833-9af3-15837ad12138} - c:\program files\searchresults\searchresultsDx.dll <br/>TB: Search Results Toolbar: {fa63398e-322b-4833-9af3-15837ad12138} - c:\program files\searchresults\searchresultsDx.dll <br/>uRun: [HP Deskjet 3070 B611 series (NET)] "c:\program files\hp\hp deskjet 3070 b611 series\bin\ScanToPCActivationApp.exe" -deviceID "CN1AA473VH05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 <br/>uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background <br/>mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL <br/>mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP <br/>mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe <br/>mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe <br/>mRun: [Toshiba TEMPRO] c:\program files\toshiba tempro\TemproTray.exe <br/>mRun: [TosNC] c:\program files\toshiba\bulletinboard\TosNcCore.exe <br/>mRun: [TosReelTimeMonitor] c:\program files\toshiba\reeltime\TosReelTimeMonitor.exe <br/>mRun: [IgfxTray] c:\windows\system32\igfxtray.exe <br/>mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe <br/>mRun: [Persistence] c:\windows\system32\igfxpers.exe <br/>mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE <br/>mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe <br/>mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe <br/>mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe <br/>mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe <br/>mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe <br/>mRun: [Teco] "c:\program files\toshiba\teco\Teco.exe" /r <br/>mRun: [ToshibaServiceStation] c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe /hide:60 <br/>mRun: [TosWaitSrv] c:\program files\toshiba\tphm\TosWaitSrv.exe <br/>mRun: [TWebCamera] "c:\program files\toshiba\toshiba web camera application\TWebCamera.exe" autorun <br/>mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaReminder.exe <br/>mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice <br/>mRun: [autoauto] c.bat <br/>mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot <br/>mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" <br/>mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe" <br/>mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run <br/>mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent <br/>dRun: [TOSHIBA Online Product Information] c:\program files\toshiba\toshiba online product information\topi.exe <br/>StartupFolder: c:\users\shay\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE <br/>StartupFolder: c:\users\shay\appdata\roaming\micros~1\windows\startm~1\programs\startup\trdcre~1.lnk - c:\program files\toshiba\trdcreminder\TRDCReminder.exe <br/>uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 <br/>mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 <br/>mPolicies-System: ConsentPromptBehaviorUser = dword:3 <br/>mPolicies-System: EnableLUA = dword:0 <br/>mPolicies-System: EnableUIADesktopToggle = dword:0 <br/>mPolicies-System: PromptOnSecureDesktop = dword:0 <br/>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 <br/>IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000 <br/>IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html <br/>IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll <br/>IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll <br/>IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll <br/>IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} <br/>. <br/>INFO: HKCU has more than 50 listed domains. <br/>If you wish to scan all of them, select the 'Force scan all domains' option. <br/>. <br/>. <br/>INFO: HKLM has more than 50 listed domains. <br/> If you wish to scan all of them, select the 'Force scan all domains' option. <br/>. <br/>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab <br/>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab <br/>DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab <br/>DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab <br/>DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=928 <br/>TCP: NameServer = 192.168.1.254 <br/>TCP: Interfaces\{6E6E0797-27BF-4B08-B65F-50D57AF6D72A}\1447C616E64796360284F64756C6 : DHCPNameServer = 192.168.1.1 <br/>TCP: Interfaces\{6E6E0797-27BF-4B08-B65F-50D57AF6D72A}\847453230337 : DHCPNameServer = 192.168.1.1 <br/>TCP: Interfaces\{88E1ABD6-C842-4D8F-965A-4487CFDBBAEE} : DHCPNameServer = 192.168.1.254 <br/>TCP: Interfaces\{DBA2B404-7599-4772-A7DA-F25BB4A76994} : DHCPNameServer = 192.168.1.254 <br/>TCP: Interfaces\{DBA2B404-7599-4772-A7DA-F25BB4A76994}\1447C616E64796360284F64756C6 : DHCPNameServer = 192.168.1.1 <br/>TCP: Interfaces\{DBA2B404-7599-4772-A7DA-F25BB4A76994}\44F4D45402642554540294E4455425E4544502143434543535 : DHCPNameServer = 208.67.222.222 208.67.220.220 <br/>TCP: Interfaces\{DBA2B404-7599-4772-A7DA-F25BB4A76994}\74C656E6679656770284F64756C6 : DHCPNameServer = 10.128.128.128 <br/>TCP: Interfaces\{DBA2B404-7599-4772-A7DA-F25BB4A76994}\8445340205F627471626C6560284F6473707F647 : DHCPNameServer = 192.168.1.1 <br/>TCP: Interfaces\{DBA2B404-7599-4772-A7DA-F25BB4A76994}\847453230337 : DHCPNameServer = 192.168.1.1 <br/>TCP: Interfaces\{DBA2B404-7599-4772-A7DA-F25BB4A76994}\E4544574541425 : DHCPNameServer = 192.168.1.254 <br/>Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll <br/>Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll <br/>Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll <br/>Notify: igfxcui - igfxdev.dll <br/>SSODL: WebCheck - <orphaned> <br/>Hosts: 127.0.0.1 www.spywareinfo.com <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. <br/>R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-1-5 13560] <br/>R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-12-14 1236968] <br/>R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712] <br/>R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448] <br/>R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-3-24 133512] <br/>R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-3-24 810120] <br/>R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-3-24 96896] <br/>R2 LMIGuardianSvc;Support LogMeIn processes with quality assurance feedback;c:\program files\logmein ignition\LMIGuardianSvc.exe [2011-5-17 374160] <br/>R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2012-6-8 12856] <br/>R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-7-24 47640] <br/>R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-17 398184] <br/>R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-10-17 682344] <br/>R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-9-15 88576] <br/>R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-10-17 1153368] <br/>R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\toshiba tempro\TemproSvc.exe [2010-5-11 124368] <br/>R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-8-27 185712] <br/>R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920] <br/>R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-7-10 122880] <br/>R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-10-17 21104] <br/>R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2010-3-20 24064] <br/>R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-9-4 167936] <br/>R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-4-26 1117800] <br/>R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2010-3-20 51512] <br/>R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-8-3 111960] <br/>R3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-8-6 685424] <br/>S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] <br/>S2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2012-9-20 3677000] <br/>S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] <br/>S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] <br/>S3 BFAIFILT;BFAIFILT;c:\windows\system32\drivers\BFAIFILT.SYS [2010-6-9 3264] <br/>S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088] <br/>S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040] <br/>S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-3-20 171520] <br/>S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2010-3-31 379904] <br/>S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] <br/>S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-21 52224] <br/>S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-19 1343400] <br/>. <br/>=============== Created Last 30 ================ <br/>. <br/>2013-01-06 13:06:01 -------- d-----w- c:\users\shay\appdata\local\{E173668E-72CE-411B-9CF1-2064B5801725} <br/>2013-01-05 21:58:45 -------- d-----w- c:\users\shay\appdata\local\{6797C86C-4210-4081-8469-1B4073D4DBFF} <br/>2013-01-05 14:33:41 -------- d-----w- c:\program files\CCleaner <br/>2013-01-05 08:44:11 -------- d-----w- c:\programdata\Ad-Aware Antivirus <br/>2013-01-05 08:38:40 -------- d-----w- c:\users\shay\appdata\local\{2413B51D-3DBF-4D26-B2B5-AF39D2D13487} <br/>2013-01-05 08:31:12 -------- d-----w- c:\program files\Ad-Aware Antivirus <br/>2013-01-05 08:30:31 44424 ----a-w- c:\windows\system32\sbbd.exe <br/>2013-01-05 08:30:31 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys <br/>2013-01-05 08:29:30 -------- d-----w- c:\users\shay\appdata\local\adawarebp <br/>2013-01-05 08:29:30 -------- d-----w- c:\programdata\blekko toolbars <br/>2013-01-05 08:29:26 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection <br/>2013-01-05 08:29:19 -------- d-----w- c:\program files\adawaretb <br/>2013-01-05 08:29:15 -------- d-----w- c:\program files\Toolbar Cleaner <br/>2013-01-04 21:10:31 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a6eeb176-ce8c-43be-bfe2-697cb61a8579}\mpengine.dll <br/>2013-01-04 20:38:11 -------- d-----w- c:\users\shay\appdata\local\{CA028A43-5F55-477B-AAAB-B9A7AD2AC714} <br/>2013-01-03 19:22:10 -------- d-----w- c:\users\shay\appdata\local\{2B2BA704-DF6B-4C31-9A43-0C6B3418D467} <br/>2013-01-02 20:42:20 -------- d-----w- c:\users\shay\appdata\local\{01CFDABE-FCC8-449A-9B1F-36861669C05E} <br/>2013-01-02 07:48:41 -------- d-----w- c:\users\shay\appdata\local\{ECC14C1F-DD4B-463F-93EE-A399ABDB3AF9} <br/>2013-01-01 17:18:25 -------- d-----w- c:\users\shay\appdata\local\{F684EBB3-96EF-451D-8E44-F6ABA4FBA15F} <br/>2013-01-01 05:18:01 -------- d-----w- c:\users\shay\appdata\local\{33EE449F-57C2-49F0-BEC1-6F2E5A9DB89F} <br/>2012-12-31 17:05:06 -------- d-----w- c:\users\shay\appdata\local\{7DA3A944-6B35-482D-B78D-0A69C3672FF9} <br/>2012-12-31 13:55:25 -------- d-----w- c:\users\shay\appdata\local\{79C11CA4-FB8D-4F58-8A9E-3F772B1143B7} <br/>2012-12-31 00:36:10 -------- d-----w- c:\users\shay\appdata\local\{547E8236-AA1D-4EC7-B238-78BA1B0DEB42} <br/>2012-12-30 15:18:23 -------- d-----w- c:\users\shay\appdata\local\Programs <br/>2012-12-30 12:35:42 -------- d-----w- c:\users\shay\appdata\local\{A247606C-0604-42ED-A6DF-D30CE75A1C8D} <br/>2012-12-29 23:23:19 -------- d-----w- c:\users\shay\appdata\local\{7E8D8655-9319-4FDF-8BF3-245DFA0454E5} <br/>2012-12-29 08:40:23 -------- d-----w- c:\users\shay\appdata\local\{29D266DE-29CB-4346-A588-B4A4D24B244B} <br/>2012-12-28 20:09:23 -------- d-----w- c:\users\shay\appdata\local\{E7A56651-08AB-4EB5-ACE8-283D14DA8D86} <br/>2012-12-27 19:10:48 -------- d-----w- c:\users\shay\appdata\local\{23068A7B-9C90-4CD1-927B-53079092745E} <br/>2012-12-26 22:39:41 -------- d-----w- c:\users\shay\appdata\local\{D78274B8-F464-4688-A417-ABA46E670711} <br/>2012-12-26 09:49:54 -------- d-----w- c:\users\shay\appdata\local\{C93D4C4F-BB2E-4E21-B0FC-324969994E23} <br/>2012-12-25 21:49:29 -------- d-----w- c:\users\shay\appdata\local\{164A1125-A944-4F6D-AAC3-C894FF3F9B82} <br/>2012-12-25 09:26:29 -------- d-----w- c:\users\shay\appdata\local\{F5DF4EAB-B124-4FCD-90F9-F4D702A663AB} <br/>2012-12-24 14:50:27 -------- d-----w- c:\users\shay\appdata\local\{5361CF19-A55E-4F6A-A948-2BA19C7B1BBF} <br/>2012-12-23 20:27:59 -------- d-----w- c:\users\shay\appdata\local\{EF094FDB-31AA-40B8-880B-4E5E231C9CC5} <br/>2012-12-23 07:47:57 -------- d-----w- c:\users\shay\appdata\local\{736DBC96-174D-4C13-ACFF-FAC9F097C01E} <br/>2012-12-22 10:29:51 -------- d-----w- c:\users\shay\appdata\local\{1010F0A8-7128-4E23-BC85-93AE9F9A9666} <br/>2012-12-21 21:10:06 -------- d-----w- c:\users\shay\appdata\local\{9B9B4683-D368-41B6-A647-849AAE4EC32C} <br/>2012-12-21 06:49:28 295424 ----a-w- c:\windows\system32\atmfd.dll <br/>2012-12-21 06:49:27 34304 ----a-w- c:\windows\system32\atmlib.dll <br/>2012-12-21 06:49:07 -------- d-----w- c:\users\shay\appdata\local\{3A6658EA-45C7-47D2-8A1D-E39A361FA1C1} <br/>2012-12-20 18:19:13 -------- d-----w- c:\users\shay\appdata\local\{28E9E078-B136-4417-BF7A-6E3F43107279} <br/>2012-12-19 12:10:53 -------- d-----w- c:\users\shay\appdata\local\{7DA72B2A-8E67-4326-A77F-FE9C9ED126ED} <br/>2012-12-18 20:31:56 -------- d-----w- c:\users\shay\appdata\local\{062F348B-0CE4-48AB-B179-672D81AD792A} <br/>2012-12-17 23:23:48 -------- d-----w- c:\users\shay\appdata\local\{89BD7E56-EEC8-4DF1-AC8B-ECEC01272F02} <br/>2012-12-17 12:19:29 -------- d-----w- c:\users\shay\appdata\local\{0816280F-3FCC-4F7D-8473-D18DB6A200E1} <br/>2012-12-16 21:57:35 -------- d-----w- c:\users\shay\appdata\local\{B2801D06-0A52-4FBF-86C1-0637A02F7BC6} <br/>2012-12-16 08:09:55 -------- d-----w- c:\users\shay\appdata\local\{A2CABE21-4319-4B6F-8E9C-ABFEE6AE72BD} <br/>2012-12-15 12:55:50 -------- d-----w- c:\users\shay\appdata\local\{9263D24E-8365-410E-9A9A-FABB22D6CE95} <br/>2012-12-15 00:54:08 -------- d-----w- c:\users\shay\appdata\local\{ABB5009D-22F9-4B89-B282-65E530670CDA} <br/>2012-12-14 06:51:07 -------- d-----w- c:\users\shay\appdata\local\{8A3311E4-5BC0-4255-8719-B346434125F9} <br/>2012-12-13 18:50:31 -------- d-----w- c:\users\shay\appdata\local\{8274F4EA-ED45-4716-AE40-FCEF21D0F1F0} <br/>2012-12-12 19:03:00 -------- d-----w- c:\users\shay\appdata\local\{736722B9-EFAB-4943-85F2-D79F6A6B3A49} <br/>2012-12-12 06:20:29 376832 ----a-w- c:\windows\system32\dpnet.dll <br/>2012-12-12 06:19:51 2048 ----a-w- c:\windows\system32\tzres.dll <br/>2012-12-11 20:42:21 -------- d-----w- c:\users\shay\appdata\local\{D268AE05-C2E7-4EE0-8820-4C71C243675F} <br/>2012-12-11 07:16:37 -------- d-----w- c:\users\shay\appdata\local\{F27DCDF6-52DF-4AA0-A2AF-B61C5BEF0F66} <br/>2012-12-10 19:16:13 -------- d-----w- c:\users\shay\appdata\local\{E3246DD2-96E9-4BF4-A92C-CF516752D05E} <br/>2012-12-10 02:18:11 -------- d-----w- c:\users\shay\appdata\local\{75E760FC-DD3E-4E0E-A6E5-DD00EBFA0203} <br/>2012-12-09 11:38:45 -------- d-----w- c:\users\shay\appdata\local\{35CF7568-2D53-40EA-BE75-DD9167581880} <br/>2012-12-08 23:32:41 -------- d-----w- c:\users\shay\appdata\local\{D3EAB04A-D385-4FE9-894F-33DE3F27312B} <br/>2012-12-08 10:39:43 -------- d-----w- c:\users\shay\appdata\local\{9B6A190E-8622-4F84-AAA3-397D64E49B04} <br/>2012-12-07 20:31:30 -------- d-----w- c:\users\shay\appdata\local\{CF5A2B05-7962-4B61-A7AE-399A6081C295} <br/>. <br/>==================== Find3M ==================== <br/>. <br/>2012-12-14 16:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys <br/>2012-12-11 20:48:09 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl <br/>2012-12-11 20:48:09 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe <br/>2012-11-22 02:56:02 2345984 ----a-w- c:\windows\system32\win32k.sys <br/>2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll <br/>2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl <br/>2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll <br/>2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe <br/>2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll <br/>2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb <br/>2012-10-23 06:33:23 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll <br/>2012-10-23 06:33:12 821736 ----a-w- c:\windows\system32\npDeployJava1.dll <br/>2012-10-23 06:33:11 746984 ----a-w- c:\windows\system32\deployJava1.dll <br/>2012-10-17 19:16:47 14664 ----a-w- c:\windows\stinger.sys <br/>2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll <br/>2012-10-09 17:40:31 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll <br/>2012-10-09 17:40:31 193536 ----a-w- c:\windows\system32\dhcpcore6.dll <br/>. <br/>============= FINISH: 18:42:39.85 =============== <br/> <br/> <br/>Attach Log <br/> <br/> <br/> <br/>. <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/>. <br/>DDS (Ver_2012-11-20.01) <br/>. <br/>Microsoft Windows 7 Professional <br/>Boot Device: \Device\HarddiskVolume1 <br/>Install Date: 13/04/2010 17:02:01 <br/>System Uptime: 05/01/2013 15:21:17 (27 hours ago) <br/>. <br/>Motherboard: TOSHIBA | | KSWAA <br/>Processor: Intel(R) Core(TM)2 Duo CPU T6570 @ 2.10GHz | U2E1 | 1197/mhz <br/>. <br/>==== Disk Partitions ========================= <br/>. <br/>C: is FIXED (NTFS) - 233 GiB total, 154.772 GiB free. <br/>D: is FIXED (NTFS) - 232 GiB total, 227.092 GiB free. <br/>E: is CDROM () <br/>. <br/>==== Disabled Device Manager Items ============= <br/>. <br/>==== System Restore Points =================== <br/>. <br/>RP405: 04/12/2012 21:27:17 - Windows Update <br/>RP406: 12/12/2012 06:12:52 - Windows Update <br/>RP407: 13/12/2012 03:00:29 - Windows Update <br/>RP408: 18/12/2012 20:44:22 - Windows Update <br/>RP409: 21/12/2012 06:48:39 - Windows Update <br/>RP410: 25/12/2012 12:12:32 - Windows Update <br/>RP411: 29/12/2012 04:42:21 - Windows Update <br/>RP412: 01/01/2013 11:47:23 - Windows Update <br/>RP413: 04/01/2013 21:09:38 - Windows Update <br/>. <br/>==== Installed Programs ====================== <br/>. <br/> Update for Microsoft Office 2007 (KB2508958) <br/>Acrobat.com <br/>Ad-Aware Antivirus <br/>Ad-Aware Browsing Protection <br/>Adobe AIR <br/>Adobe Flash Player 11 ActiveX <br/>Adobe Reader 9.5.2 <br/>Amazon.co.uk <br/>Audacity 2.0 <br/>AVS Audio Converter version 6.2 <br/>AVS Update Manager 1.0 <br/>Big Red Book Accounts v4 <br/>Camera Support Core Library <br/>Camera Window DS <br/>Camera Window DVC <br/>Camera Window MC <br/>Canon Camera Support Core Library <br/>Canon Camera WIA Driver <br/>Canon Camera Window DS for ZoomBrowser EX <br/>Canon Camera Window DVC for ZoomBrowser EX <br/>Canon Camera Window for ZoomBrowser EX <br/>Canon EOS Kiss_N REBEL_XT 350D WIA Driver <br/>Canon Internet Library for ZoomBrowser EX <br/>Canon PhotoRecord <br/>Canon RAW Image Task for ZoomBrowser EX <br/>Canon RemoteCapture Task for ZoomBrowser EX <br/>Canon Utilities Digital Photo Professional 1.6 <br/>Canon Utilities EOS Capture 1.3 <br/>Canon Utilities PhotoStitch 3.1 <br/>Canon ZoomBrowser EX <br/>CCleaner <br/>D3DX10 <br/>Easy MP3 Cutter 2.9 <br/>eBay <br/>EOS Capture 1.3 <br/>ESET NOD32 Antivirus <br/>Free Word Excel Password Wizard <br/>FreeTorrentViewer <br/>Google Chrome <br/>Google Earth <br/>Google Update Helper <br/>Hofmann 7.3 <br/>HP Deskjet 3070 B611 series Basic Device Software <br/>HP Deskjet 3070 B611 series Help <br/>HTC BMP USB Driver <br/>HTC Driver Installer <br/>HTC Sync <br/>Intel(R) Graphics Media Accelerator Driver <br/>Intel® Matrix Storage Manager <br/>Internet Library <br/>Java 7 Update 9 <br/>Java Auto Updater <br/>Java(TM) 6 Update 31 <br/>Junk Mail filter update <br/>LogMeIn <br/>LogMeIn Ignition <br/>Malwarebytes Anti-Malware version 1.70.0.1100 <br/>Microsoft .NET Framework 1.1 <br/>Microsoft .NET Framework 1.1 Security Update (KB953297) <br/>Microsoft .NET Framework 4 Client Profile <br/>Microsoft Application Error Reporting <br/>Microsoft Office 2007 Service Pack 3 (SP3) <br/>Microsoft Office Excel MUI (English) 2007 <br/>Microsoft Office File Validation Add-In <br/>Microsoft Office Home and Student 2007 <br/>Microsoft Office OneNote MUI (English) 2007 <br/>Microsoft Office PowerPoint MUI (English) 2007 <br/>Microsoft Office Proof (English) 2007 <br/>Microsoft Office Proof (French) 2007 <br/>Microsoft Office Proof (Spanish) 2007 <br/>Microsoft Office Proofing (English) 2007 <br/>Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) <br/>Microsoft Office Shared MUI (English) 2007 <br/>Microsoft Office Shared Setup Metadata MUI (English) 2007 <br/>Microsoft Office Suite Activation Assistant <br/>Microsoft Office Word MUI (English) 2007 <br/>Microsoft Silverlight <br/>Microsoft SQL Server 2005 Compact Edition [ENU] <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>MSVCRT <br/>MSXML 4.0 SP3 Parser <br/>MSXML 4.0 SP3 Parser (KB2721691) <br/>MSXML 4.0 SP3 Parser (KB973685) <br/>OGA Notifier 2.0.0048.0 <br/>PhotoStitch <br/>Picasa 3 <br/>PlayReady PC Runtime x86 <br/>RAW Image Task 2.0 <br/>RealNetworks - Microsoft Visual C++ 2008 Runtime <br/>RealPlayer <br/>Realtek 8136 8168 8169 Ethernet Driver <br/>Realtek High Definition Audio Driver <br/>Realtek USB 2.0 Card Reader <br/>Realtek WLAN Driver <br/>RealUpgrade 1.1 <br/>RemoteCapture Task 1.1 <br/>Search Results Toolbar <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) <br/>Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition <br/>Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition <br/>Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition <br/>Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition <br/>Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition <br/>Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition <br/>Skype Toolbars <br/>Skype(TM) Launcher <br/>Skype™ 5.10 <br/>Spybot - Search & Destroy <br/>Synaptics Pointing Device Driver <br/>Thesaurus 2010 Payroll Standard Version <br/>TOSHIBA Assist <br/>TOSHIBA Bulletin Board <br/>TOSHIBA ConfigFree <br/>TOSHIBA Disc Creator <br/>TOSHIBA DVD PLAYER <br/>TOSHIBA eco Utility <br/>TOSHIBA Extended Tiles for Windows Mobility Center <br/>TOSHIBA Face Recognition <br/>TOSHIBA Flash Cards Support Utility <br/>TOSHIBA Hardware Setup <br/>TOSHIBA HDD/SSD Alert <br/>Toshiba Manuals <br/>Toshiba Online Product Information <br/>TOSHIBA PC Health Monitor <br/>Toshiba Photo Service - powered by myphotobook <br/>TOSHIBA Recovery Media Creator <br/>TOSHIBA Recovery Media Creator Reminder <br/>TOSHIBA ReelTime <br/>TOSHIBA SD Memory Utilities <br/>TOSHIBA Service Station <br/>TOSHIBA Supervisor Password <br/>Toshiba TEMPRO <br/>TOSHIBA Value Added Package <br/>TOSHIBA Web Camera Application <br/>TRORMCLauncher <br/>TrueCrypt <br/>Update for 2007 Microsoft Office System (KB967642) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2468871) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2533523) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2600217) <br/>Update for Microsoft Office 2007 Help for Common Features (KB963673) <br/>Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition <br/>Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition <br/>Update for Microsoft Office Excel 2007 Help (KB963678) <br/>Update for Microsoft Office OneNote 2007 Help (KB963670) <br/>Update for Microsoft Office Powerpoint 2007 Help (KB963669) <br/>Update for Microsoft Office Script Editor Help (KB963671) <br/>Update for Microsoft Office Word 2007 Help (KB963665) <br/>Utility Common Driver <br/>VLC media player 1.1.0 <br/>WavePad Sound Editor <br/>Windows Live Communications Platform <br/>Windows Live Essentials <br/>Windows Live ID Sign-in Assistant <br/>Windows Live Installer <br/>Windows Live Mail <br/>Windows Live Messenger <br/>Windows Live MIME IFilter <br/>Windows Live Movie Maker <br/>Windows Live Photo Common <br/>Windows Live Photo Gallery <br/>Windows Live PIMT Platform <br/>Windows Live SOXE <br/>Windows Live SOXE Definitions <br/>Windows Live Sync <br/>Windows Live UX Platform <br/>Windows Live UX Platform Language Pack <br/>Windows Live Writer <br/>Windows Live Writer Resources <br/>Windows Media Player Firefox Plugin <br/>WinRAR archiver <br/>Word Password Recovery Master 3.5 <br/>Yahoo! Messenger <br/>YouTube Downloader 2.7.2 <br/>. <br/>==== Event Viewer Messages From Past Week ======== <br/>. <br/>06/01/2013 17:07:48, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain SURGERY due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. <br/>06/01/2013 16:56:58, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. <br/>06/01/2013 16:07:44, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. <br/>06/01/2013 03:17:59, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. <br/>05/01/2013 15:23:26, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. <br/>05/01/2013 15:22:46, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. <br/>05/01/2013 15:22:46, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. <br/>05/01/2013 15:18:52, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service. <br/>05/01/2013 15:13:00, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s). <br/>05/01/2013 11:38:37, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. <br/>05/01/2013 09:24:57, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service. <br/>03/01/2013 06:22:34, Error: Microsoft-Windows-GroupPolicy [1007] - The processing of Group Policy failed. Windows could not determine the site associated for this computer, which is required for Group Policy processing. <br/>. <br/>==== End Of File ===========================
Posted 1/8/2013 8:36 PM
#94956
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello Irishguy 7 :smile: <br/> <br/> <br/> <br/> <br/>Looks like you have 2 active antivirus running. <br/> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB><?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p> </o:p> <br/> <br/><SPAN style="mso-ansi-language: EN-GB" lang=EN-GB>[3]Running two antivirus products on the same computer can degrade performance and cause system instability.[/3]<SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB> <br/>I´ll therefore suggest you remove Ad-Aware Antivirus or NOD32 Antivirus <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB>Please download Adwcleaner. <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB><b><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB">[3]<SPAN style="mso-spacerun: yes"> <br/><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial" lang=EN-GB> <br/><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB" lang=EN-GB><SPAN style="mso-spacerun: yes"> <SPAN style="COLOR: windowtext; TEXT-DECORATION: none; text-underline: none">http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner[/3][/url]<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB" lang=EN-GB><o:p> </o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB; mso-bidi-font-family: 'Times New Roman'" lang=EN-GB><o:p> </o:p> <br/> <br/><UL style="MARGIN-TOP: 0cm" type=disc> <br/><LI style="LINE-HEIGHT: 13.5pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: white; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB; mso-bidi-font-size: 13.0pt; mso-bidi-font-family: Arial" lang=EN-GB>Double click on<SPAN class=apple-converted-space> AdwCleaner.exe<SPAN class=apple-converted-space> to run the tool.<SPAN class=apple-converted-space> <br/>***Note: Windows <?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" /><st1:place w:st="on">Vista</st1:place> and Windows 7 users:<SPAN class=apple-converted-space> <br/>Right click in the<SPAN class=apple-converted-space> adwCleaner.exe<SPAN class=apple-converted-space> and select<SPAN class=apple-converted-space> – Run as admin<SPAN class=apple-converted-space> <o:p></o:p></LI></UL> <br/><UL style="MARGIN-TOP: 0cm" type=disc> <br/><LI style="LINE-HEIGHT: 13.5pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: white; mso-list: l1 level1 lfo2; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; mso-bidi-font-size: 13.0pt; mso-bidi-font-family: Arial">Click<SPAN class=apple-converted-space> Delete.<SPAN class=apple-converted-space> <o:p></o:p></LI> <br/><LI style="LINE-HEIGHT: 13.5pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: white; mso-list: l1 level1 lfo2; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB; mso-bidi-font-size: 13.0pt; mso-bidi-font-family: Arial" lang=EN-GB>Everything<SPAN class=apple-converted-space> that was found will be deleted.<SPAN class=apple-converted-space> <o:p></o:p></LI> <br/><LI style="LINE-HEIGHT: 13.5pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: white; mso-list: l1 level1 lfo2; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB; mso-bidi-font-size: 13.0pt; mso-bidi-font-family: Arial" lang=EN-GB>Save any open files and approve the reboot. A text file will open after the restart</LI></UL> <br/><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB; mso-bidi-font-size: 13.0pt; mso-bidi-font-family: Arial" lang=EN-GB> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB; mso-bidi-font-size: 13.0pt; mso-bidi-font-family: Arial" lang=EN-GB> <br/><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN-GB; mso-bidi-font-size: 13.0pt; mso-bidi-font-family: Arial" lang=EN-GB> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: black; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN>We need to get a comprehensive report of what is present in your system.<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break"><o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN><o:p> </o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: black; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>Download <SPAN style="mso-bidi-font-weight: bold">OTL by OldTimer, saving it to your desktop: <SPAN style="FONT-FAMILY: Tahoma; COLOR: black; FONT-SIZE: 10pt"><a target="_blank" href="http://oldtimer.geekstogo.com/OTL.exe"><SPAN style="COLOR: black; mso-ansi-language: EN-GB" lang=EN-GB>[2]netsvcs<o:p></o:p>[/2]</PRE> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>activex<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>msconfig<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%SYSTEMDRIVE%\*.<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%PROGRAMFILES%\*.exe<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%LOCALAPPDATA%\*.exe<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%windir%\Installer\*.*<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%windir%\system32\tasks\*.*<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%systemroot%\Fonts\*.exe<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%systemroot%\*. /mp /s<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>/md5start<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>consrv.dll<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>explorer.exe<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>winlogon.exe<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>regedit.exe<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>Userinit.exe<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>svchost.exe<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>MRESP50.SYS<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>CBPSp50.sys<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>/md5stop<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>C:\Windows\assembly\tmp\U\*.* /s<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%Temp%\smtmp\1\*.*<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%Temp%\smtmp\2\*.*<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%Temp%\smtmp\3\*.*<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>%Temp%\smtmp\4\*.*<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>>C:\commands.txt echo list vol /raw /hide /c<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>/wait<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>/wait<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>type c:\diskreport.txt /c<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>/wait<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>erase c:\commands.txt /hide /c<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>/wait<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>erase c:\diskreport.txt /hide /c<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; COLOR: #4c6573; FONT-SIZE: 10pt">CREATERESTOREPOINT<o:p></o:p> <br/> <br/><UL type=disc> <br/><LI style="LINE-HEIGHT: 13.5pt; MARGIN: 0cm 15pt 0pt 0cm; BACKGROUND: white; mso-list: l0 level1 lfo2; tab-stops: list 36.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt"><o:p> </o:p></LI> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-list: l0 level1 lfo2; tab-stops: list 36.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>Click the <SPAN class=bbcu1>Quick Scan button. Do not change any settings unless otherwise told to do so. <SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt">The scan wont take long.<o:p></o:p></LI></UL> <br/><UL type=disc> <br/><UL type=disc> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-list: l0 level2 lfo3; tab-stops: list 72.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>When the scan completes, it will open two notepad windows. <SPAN style="FONT-FAMILY: Tahoma; FONT-WEIGHT: normal; mso-bidi-font-weight: bold">OTL.Txt and <SPAN style="FONT-FAMILY: Tahoma; FONT-WEIGHT: normal; mso-bidi-font-weight: bold">Extras.Txt. These are saved in the same location as OTL.<o:p></o:p></LI> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-list: l0 level2 lfo3; tab-stops: list 72.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt">Post both logs<o:p></o:p></LI></UL></UL></b>

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 1/8/2013 9:55 PM
#94958
User avatar

Irishguy 7 Member

Date Joined Nov 2016
Total Posts: 4
Thank you for your help. I am posting the files generated by OTL.exe <br/> <br/> <br/>OTL logfile created on: 1/8/2013 9:27:27 PM - Run 1 <br/>OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shay\Desktop <br/> Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation <br/>Internet Explorer (Version = 9.0.8112.16421) <br/>Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy <br/> <br/>2.84 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 59.14% Memory free <br/>5.68 Gb Paging File | 4.33 Gb Available in Paging File | 76.19% Paging File free <br/>Paging file location(s): ?:\pagefile.sys [binary data] <br/> <br/>%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files <br/>Drive C: | 232.88 Gb Total Space | 156.98 Gb Free Space | 67.41% Space Free | Partition Type: NTFS <br/>Drive D: | 232.49 Gb Total Space | 227.09 Gb Free Space | 97.68% Space Free | Partition Type: NTFS <br/> <br/>Computer Name: SHAY-TOSH | User Name: Shay | Logged in as Administrator. <br/>Boot Mode: Normal | Scan Mode: All users | Quick Scan <br/>Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days <br/> <br/>[color=#E56717]========== Processes (SafeList) ==========[/color] <br/> <br/>PRC - [2013/01/08 21:22:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shay\Desktop\OTL.exe <br/>PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe <br/>PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe <br/>PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe <br/>PRC - [2012/12/05 01:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe <br/>PRC - [2011/11/27 21:41:39 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe <br/>PRC - [2011/09/15 12:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe <br/>PRC - [2011/05/17 13:11:04 | 000,374,160 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Ignition\LMIGuardianSvc.exe <br/>PRC - [2011/03/30 18:46:06 | 001,721,192 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe <br/>PRC - [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe <br/>PRC - [2010/11/20 12:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe <br/>PRC - [2010/05/11 08:41:08 | 001,050,072 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe <br/>PRC - [2010/05/11 08:40:52 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe <br/>PRC - [2010/03/24 19:31:50 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe <br/>PRC - [2010/03/24 19:31:00 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe <br/>PRC - [2009/08/27 13:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe <br/>PRC - [2009/08/26 18:00:06 | 001,324,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TEco.exe <br/>PRC - [2009/08/17 10:48:46 | 001,294,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe <br/>PRC - [2009/08/17 10:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe <br/>PRC - [2009/08/13 12:31:24 | 000,521,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe <br/>PRC - [2009/08/10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe <br/>PRC - [2009/08/06 17:05:18 | 000,583,024 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe <br/>PRC - [2009/08/06 17:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe <br/>PRC - [2009/08/06 14:02:02 | 000,029,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe <br/>PRC - [2009/08/06 12:06:58 | 000,466,792 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe <br/>PRC - [2009/08/05 14:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe <br/>PRC - [2009/08/05 14:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe <br/>PRC - [2009/08/05 14:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe <br/>PRC - [2009/08/03 17:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe <br/>PRC - [2009/08/03 17:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe <br/>PRC - [2009/07/28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe <br/>PRC - [2009/07/28 14:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe <br/>PRC - [2009/07/13 15:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe <br/>PRC - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe <br/>PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe <br/>PRC - [2009/01/13 20:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe <br/> <br/> <br/>[color=#E56717]========== Modules (No Company Name) ==========[/color] <br/> <br/>MOD - [2012/12/05 01:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll <br/>MOD - [2012/12/05 01:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll <br/>MOD - [2012/12/05 01:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll <br/>MOD - [2012/12/05 01:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll <br/>MOD - [2012/12/05 01:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll <br/>MOD - [2012/12/05 01:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll <br/>MOD - [2012/12/05 01:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll <br/>MOD - [2012/11/24 20:52:57 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll <br/>MOD - [2012/11/18 07:40:29 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll <br/>MOD - [2012/11/18 07:39:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll <br/>MOD - [2012/11/18 07:39:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll <br/>MOD - [2012/11/18 07:38:47 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll <br/>MOD - [2012/11/18 07:38:43 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll <br/>MOD - [2012/11/18 07:38:16 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll <br/>MOD - [2012/11/18 07:37:59 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll <br/>MOD - [2012/11/18 07:37:54 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll <br/>MOD - [2012/11/18 07:37:52 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll <br/>MOD - [2012/11/18 07:37:13 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll <br/>MOD - [2012/07/31 01:08:04 | 000,016,872 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll <br/>MOD - [2010/04/17 12:29:01 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll <br/>MOD - [2010/03/15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll <br/>MOD - [2009/08/03 17:17:24 | 000,079,192 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll <br/>MOD - [2009/07/29 15:35:38 | 000,014,648 | ---- | M] () -- C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll <br/>MOD - [2009/07/16 15:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll <br/>MOD - [2009/07/16 15:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll <br/>MOD - [2009/06/22 14:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll <br/>MOD - [2009/03/12 19:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll <br/>MOD - [2006/10/07 11:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll <br/> <br/> <br/>[color=#E56717]========== Services (SafeList) ==========[/color] <br/> <br/>SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService) <br/>SRV - [2013/01/08 20:44:15 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) <br/>SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) <br/>SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) <br/>SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) <br/>SRV - [2012/07/05 17:09:38 | 000,136,616 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint) <br/>SRV - [2012/06/08 11:06:24 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) <br/>SRV - [2011/09/15 12:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) <br/>SRV - [2011/05/17 13:11:04 | 000,374,160 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Ignition\LMIGuardianSvc.exe -- (LMIGuardianSvc) <br/>SRV - [2010/05/19 04:44:24 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) <br/>SRV - [2010/05/11 08:40:52 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) <br/>SRV - [2010/03/24 19:39:48 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) <br/>SRV - [2010/03/24 19:31:50 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) <br/>SRV - [2009/08/27 13:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service) <br/>SRV - [2009/08/17 10:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) <br/>SRV - [2009/08/10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService) <br/>SRV - [2009/08/06 17:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv) <br/>SRV - [2009/08/05 14:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) <br/>SRV - [2009/08/03 17:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) <br/>SRV - [2009/07/28 14:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) <br/>SRV - [2009/07/14 01:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) <br/>SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) <br/>SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) <br/>SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) <br/>SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) <br/> <br/> <br/>[color=#E56717]========== Driver Services (SafeList) ==========[/color] <br/> <br/>DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID) <br/>DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR) <br/>DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) <br/>DRV - [2013/01/05 08:30:31 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto) <br/>DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) <br/>DRV - [2012/09/20 21:25:52 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt) <br/>DRV - [2012/07/05 17:10:02 | 000,083,392 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) <br/>DRV - [2012/06/08 11:06:24 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) <br/>DRV - [2012/06/08 11:06:24 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo) <br/>DRV - [2011/06/20 16:07:08 | 001,117,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se) <br/>DRV - [2011/03/18 23:59:16 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss) <br/>DRV - [2010/11/20 12:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) <br/>DRV - [2010/11/20 12:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) <br/>DRV - [2010/11/20 12:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) <br/>DRV - [2010/11/20 10:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) <br/>DRV - [2010/11/20 09:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) <br/>DRV - [2010/11/20 09:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) <br/>DRV - [2010/06/23 10:24:58 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) <br/>DRV - [2010/03/31 10:13:28 | 000,379,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B) <br/>DRV - [2010/03/24 19:33:56 | 000,096,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) <br/>DRV - [2010/03/24 19:31:06 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) <br/>DRV - [2010/03/24 19:23:54 | 000,133,512 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) <br/>DRV - [2009/10/26 23:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) <br/>DRV - [2009/07/30 20:02:34 | 000,036,208 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter) <br/>DRV - [2009/07/30 17:45:22 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) <br/>DRV - [2009/07/30 16:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) <br/>DRV - [2009/07/24 15:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32) <br/>DRV - [2009/07/14 15:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) <br/>DRV - [2009/07/14 00:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice) <br/>DRV - [2009/07/13 23:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) <br/>DRV - [2009/07/13 22:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) <br/>DRV - [2009/07/13 22:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) <br/>DRV - [2009/07/10 06:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) <br/>DRV - [2009/06/22 17:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect) <br/>DRV - [2009/06/19 19:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL) <br/>DRV - [2004/07/13 12:49:02 | 000,003,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BFAIFILT.SYS -- (BFAIFILT) <br/> <br/> <br/>[color=#E56717]========== Standard Registry (SafeList) ==========[/color] <br/> <br/> <br/>[color=#E56717]========== Internet Explorer ==========[/color] <br/> <br/>IE - HKLM\..\SearchScopes,DefaultScope = <br/>IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url=name=@firewallapi.dll,-28539]name=@firewallapi.dll,-28539[/url] | <br/>"{E12F00FB-2886-463E-B923-C5AD34D6AD2C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | <br/>"{F47B10C2-9963-48A9-BDF7-54C8ECD64971}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | <br/>"{FB8251C3-7DCA-4896-99BC-1F2918637533}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | <br/> <br/>[color=#E56717]========== Vista Active Application Exception List ==========[/color] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] <br/>"{01FD536A-9732-46BC-BB08-948CE8C579AF}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{03B6DC36-12D2-46A3-A712-991766520099}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | <br/>"{0757E686-B3BC-40EE-BB48-26A33BE28E5E}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{07F6C57E-5C95-4AEF-A0EA-D3FFBC5A31F1}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{114A6106-FDD9-44A0-9D59-B7DD669A6654}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{133CA992-1E01-434B-A030-92CD556E54E3}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{15D61F1F-83FA-43EE-8027-BA32C48B890F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{183A0FDC-856D-4FF3-B978-F45F8F1D110A}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1AD585E1-F325-4485-93AD-4E67B097BD63}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | <br/>"{1B2411EE-E925-4E91-BD71-99E9214E5258}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1B58E380-F3C4-4256-820C-C007C36FB07C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1CC421C2-C224-4441-A8F3-DA5789287F3D}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1CC7070E-848F-454D-9445-0301DF1C1504}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1CDE4B6C-7F59-4C8A-9FC7-9A926403CD4C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1D7107A7-AD4B-416C-AA34-5675632DB43B}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1DEC5660-C34D-4787-9AD8-56D9C308C78F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1EB09738-6666-4F94-A810-D2DEB253D08B}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1EE4FA8A-2CD9-4D74-87BF-03172E671255}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{1F2E7A59-D486-43A9-A12E-DBB84E420E3F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{208C4F1B-3864-4415-BA04-1A46B94CC57F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{20B204ED-1CBD-4949-943F-8F21653DA0A8}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{23E56754-E4A3-4E06-899D-5E6862B3F7F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{2427A9D6-B3EA-410E-B5CA-AF81C7880BB3}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | <br/>"{258F34B3-64BB-4FF5-9872-5F881002FD04}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{26235CA2-155A-4FB7-9980-F28C37641D30}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | <br/>"{2691B4F4-598B-4E8F-ABA5-BC5FDDE690D0}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{2C3FF3B9-3306-45A5-9BAB-77EEF13157FC}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{2C7837DE-6380-42A1-AD4D-2985F2B48F2F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{2CA0A0A3-DB07-42E4-9C31-31864391D829}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{2E215F5B-7692-4B06-9B96-8ECA4A7AE08C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{2EA1D506-0D9A-4352-9D62-BED61A3A8243}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{2F542333-0C79-4DB3-BEAE-E7C5A35A4BD2}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{317613A4-46F7-4A7C-9998-0A20C58676B2}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{31C829BA-03BF-463B-BAAE-FB7B2FDA9B34}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | <br/>"{323F324C-F21F-4A70-A754-E47408FD6CE9}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{325FEEC2-C435-4055-8D8F-7009FF77C0E9}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{328CB14F-C201-4778-A38C-5464B5444D4B}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{33EA097F-658D-4822-9103-5FF35E08352C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{3444D969-9150-44C4-91EF-7C3ED35D8AB9}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{35046EC7-DBD8-4DFB-A355-70F1EDC3E9EE}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | <br/>"{3548F5F5-FFF7-48DF-93D9-6343D699558F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{3582E52F-DD57-4B3A-87A5-739BD7C094DA}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{3999E5EC-FDDB-4276-839F-8E8244398A61}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{3A654EF0-BD9C-4EBC-9D22-4EB250F61B11}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{3AD9FE89-D5F8-4901-BEBB-1BD3594B26D0}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | <br/>"{3B98B403-81B2-49AB-B16D-93B9EDA804B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{3B98D6DE-CF93-4CA8-A644-B6903A906225}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{3D4272EF-A606-484E-B976-3AD40F7DA2B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{3F777D12-8A59-4506-A88E-8A7B524A3FD8}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{40D2E95A-84B2-4528-B83B-A6A3C464CB15}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{417450DC-9FD1-4599-BA54-7591156F921C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{42B28D1F-6E1F-4D76-86D8-0FCD236600B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{441E14B6-9CBF-498B-B517-F4CDDAEB9782}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{44C93374-DDBD-4130-AC3F-C5F82FDDC077}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{494D9E92-CFBE-4B44-87E2-A151044CFD36}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{4B2C9D8D-67D2-4BC5-9CCD-0B0807C67F9D}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{4C9B42FC-BEBC-4564-80A7-198C01DA2741}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{4F7D9C3B-2D00-4AB4-B544-FA3BA2993400}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{539E9B63-E04E-45D2-8444-286588E0CA9B}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{53E38EFD-6D8F-4B5C-88BD-A17FD0F317AB}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{5400E35D-A0D0-4C1E-8040-6F847EA9FC82}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{5580D5B1-6A57-4407-878B-6D7003EEF10A}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{55C1B382-5F59-422B-BAFE-A79C9A864309}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{5853C36A-2A6E-4264-9354-F83F856CD296}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{5A75B3E2-CAA8-4E9D-95A4-D8F46BB59F84}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{5A8BF274-093A-4DA0-B976-72A064B8431A}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | <br/>"{5EAFB1ED-FA1C-40F0-8FC7-8729D68037D9}" = protocol=1 | dir=in | [url=name=@firewallapi.dll,-28543]name=@firewallapi.dll,-28543[/url] | <br/>"{6078B204-0CBA-4674-8CF8-BE3502C51D10}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{610A7200-3C1C-4EE1-8338-31A22A1F0C2F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{6153D313-A63F-46F4-98FD-BA05488456DD}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{639E8D61-C4EA-4430-ABA2-8D66E5120A7D}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{6845AD6A-D4DE-4EA7-8EFF-DCD320C02AA8}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | <br/>"{68C42A92-6C1D-473E-98E2-CF361989AD1D}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | <br/>"{6969C53E-9756-4451-9BBA-E7AFBBCD1027}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{6C0FF956-6777-4E03-91F9-2A88623C5566}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{6E5D37EC-0CDF-406E-8178-39381599BDFB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | <br/>"{6F1A3581-EB67-46C1-AA51-DB9B91477C8E}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{71A10788-6954-46D6-BB51-542DA1CAC661}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{7219A70D-97D6-4F99-A255-8F1E54F2F641}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{77AB6AC1-4E28-49EB-859C-2073C3D09FAA}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{78463CE7-A8FD-4A20-AC03-38A1CF4ECA4D}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{7AD6A99A-6BEE-4954-BD13-A4FA3F0BA7FF}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{7B69938D-B473-47E0-8187-A75521E71E0F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{7C6F4E95-5BB0-4A6D-854F-688405A212E7}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{7FF930C2-4360-4CAC-B66D-67A7C0A53C4E}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{81B4D3B7-1242-4A1C-853C-40C7088F94A9}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{85085BC1-DF26-494D-9250-09659643D2F6}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{8847B6E3-F7C1-42FB-B0A9-82519B24429C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{88CB35CB-BC56-48C5-9657-17F3421289C7}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{89F11BB9-066B-4B91-BE3A-6BFC2E257A1B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | <br/>"{8B7D9EBE-5847-4D85-8E6F-C056526845C1}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{8BF2FBB5-6518-4608-980F-495081DCA12D}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{8BF64D44-53BD-42C1-869B-0B41F68A4B98}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{8D0F220E-C0A0-41C9-A3A6-B42DF4753BF2}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{8D9ECB8D-2DA5-4E8C-8525-E828A4C72322}" = protocol=1 | dir=out | [url=name=@firewallapi.dll,-28544]name=@firewallapi.dll,-28544[/url] | <br/>"{8EE705A1-4B77-43CF-821F-B71E6813581F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{90FA5794-863B-4DBE-A05E-BF3D42968AB2}" = protocol=58 | dir=in | [url=name=@firewallapi.dll,-28545]name=@firewallapi.dll,-28545[/url] | <br/>"{916AE8C2-C684-48E8-BCA7-32A79519D14B}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{917A937B-C205-4779-A03F-202278BD4B8D}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{9241B31E-9564-4C3F-B04B-07C40A9B1FA2}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{95DF3F06-A430-46CA-A0CF-7E308B7D77D9}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{990AEEF3-68A0-49E1-BAA9-B655DDA9C13A}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{99FB38EF-1D11-46F0-8413-27DA9C8C4490}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{9AA65126-F40C-4642-8ADF-662E1B33032A}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{9C347FD3-32B8-43E0-BCF2-A214C393383A}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{9D09CA15-F97E-4CF9-89C0-2382443485B6}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A05DFCF2-4607-4D60-AA55-E08941A38F7C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A0A72F13-8885-4338-AD0F-9D4CFEB33D2E}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A1309C64-1BC7-4757-AB11-593BB39952F8}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A1F7BB55-E72A-46E5-AED2-B40333D8014C}" = protocol=6 | dir=in | app=c:\program files\searchresults\dtuser.exe | <br/>"{A29AA51C-9896-4E20-A186-DA7A51BEF3D8}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A50E5D61-DABE-49E5-804F-BA27142C23A2}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A595E4DB-A961-4350-8547-B81461E1A568}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A5FBD9B8-AA65-41AF-B121-138E8AA7CE2B}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A609D763-183E-4B52-A106-A5EA3F62122E}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A610899D-F3FE-48B8-9F77-0920FCEBFBB2}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A763B54B-B070-4FEA-AE88-A02387560069}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A86FD5D6-E887-4256-94C1-0C3FF17AF394}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{A898D290-2012-40A8-BEBB-612CD74128E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | <br/>"{A92D8D95-FA17-4F6F-8067-A8B79848F69C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{AA52C0E8-32DF-42FB-B7F0-57A8FB1BD254}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{AB4738BC-EB60-46F2-BD68-59110901064C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{AB74A990-F2F8-4A88-A0B2-DA87DC8C7333}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{AD1AF65D-1437-4B51-863D-32D71116D198}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{AD6D9140-742B-4A20-88C0-BDD0745BF842}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{AD9F6197-9E7F-4C42-AF51-11E36E7D6BC3}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{ADDDC524-412F-49C9-BE5F-768B04B25F7D}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{ADF57BAB-DF95-4426-9F4A-BCC895E22B43}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{AFA22F12-B9AA-4EF9-AD9F-ACDAB25BF215}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{B04C4ADB-242E-48D6-B9A3-BB65726BE364}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{B1D290B5-A07B-48C1-9CE6-7CD6448400F6}" = dir=in | app=c:\program files\hp\hp deskjet 3070 b611 series\bin\devicesetup.exe | <br/>"{B3509134-AFB3-4D83-8AA7-B8BAA0203AE5}" = protocol=17 | dir=in | app=c:\program files\searchresults\dtuser.exe | <br/>"{B8A60D3D-3985-4C3E-8ABE-9703656B1C1B}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{B98E4CC7-C241-4EE3-9610-0B00ED986B84}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{BE4FAD68-A582-42D6-A464-4ACCEAA5D178}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{C0F44723-BCB8-472F-A544-2C32F3BC8FD0}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{C240609B-5EAB-49E6-85E7-4A35DA0A75C7}" = dir=in | app=c:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe | <br/>"{C37BF209-69A5-4BF6-9731-4A3C50B6C0B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{C589BD93-3FB0-4A17-8F5F-ED4011370EAC}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{C66C353B-8628-4F18-A451-5123BB5F2842}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{C7D365A9-58B4-4F73-997F-491E704CDB2C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{C9B10B7F-3EE2-405E-A347-EB5061B72BE3}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{CCB2B425-E48B-40BD-B7A1-8FCA8382E90C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{CCCFC6B3-7B28-43FC-BF3E-44266490F31B}" = protocol=58 | dir=out | [url=name=@firewallapi.dll,-28546]name=@firewallapi.dll,-28546[/url] | <br/>"{CE049A67-F730-41C3-9A22-33C0FB15AEF5}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{CE4FA780-F595-4E63-9645-5848C9FB64B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{CE85481C-FE52-4FA6-B3F8-DE716A74C728}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{D2145606-0580-43C4-ABC8-390C6FCE4D80}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | <br/>"{D3B6FEA3-EE00-4B10-A855-3F09C03FA67E}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{D4877C60-D7C0-48DF-B6C0-26EFA6C6A3CE}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{D5B4E463-A1B8-46A2-80DA-135C6F5F3128}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{D5F48CEB-1FD6-4197-946A-EA903A25BBB8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | <br/>"{D7789641-4FDA-4BA1-9E5E-F810B635EAE9}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | <br/>"{D7D5EB1B-B491-44BD-ABC1-7ACF6E434681}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{D8FDA109-7985-450E-9412-AD693836EF0D}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{D9709303-9218-46B1-B909-9EC432B13C86}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{DA1A75B7-D99D-4356-940B-70C10829F783}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{DB06A44B-35C4-45C8-90B0-B588D14EADB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | <br/>"{DB3DC97D-72F1-435B-9896-F912DFF9B17F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{DBBFF490-CFF7-4901-B442-17BC50E63EF0}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{DC1E8867-F10D-4046-8F37-CC56DBE0DD98}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{DC273605-DA66-4E6A-AD39-611D3EE749E9}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{DE97EDAD-A47F-4DCF-9117-83F9C05A77D9}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{DF5A4537-4813-41AC-B36D-D097929BCC7F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{DFC6DDAB-0505-4552-AFBF-BEEFD12BD3E5}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{E153A445-0887-41E6-8B3A-52FE2F176143}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{E251E566-E2BA-410A-B67A-23F8C38BBC07}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{E4BD6E8E-B42F-48BB-AD13-51B14DFDB74A}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{E5C69D31-6A25-4126-8D9B-6F7ECA266CAE}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{E73AC30F-90F7-4A82-9D12-5F6AC57A026B}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{E91D2832-5576-4F26-B650-8E6C05A3CC54}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{EA048B8C-B2DE-44CD-9E15-B67212ED16A5}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{ED782863-3DED-4AB6-920B-42312D6BCE04}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{EE237F97-D02C-416E-814B-EAA14A294ECD}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F23BA6A6-3D3E-43A4-9586-5428DE816D2F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F3894DFA-AE2B-4393-9244-9263E2B0B9DA}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F401F0D3-F27F-4E4A-A0A7-4797B4911F3D}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F4BEA9B1-A11F-4F64-B3BA-22B4D79FEDC6}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F5F91524-BB6C-434C-ADD2-C54616A7FC4F}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F5FE373F-238D-4D14-BDA1-9EDFC943260A}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F6CC927C-B9D8-48D6-BA5A-65D81D0C27ED}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F6E6167C-1B92-4B6F-AB27-B9344D51288C}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F7A9EF25-FC83-430A-A666-1AF070B2A817}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F8226932-11E7-4B19-B55B-8C14803E3FCA}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{F92ADEA2-46A2-4139-B588-1FC5B49C5826}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | <br/>"{FC6BFCAC-2683-4676-B99A-EC445BDF8E77}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{FD4B9DC7-C801-4126-85F1-143FB2BB1063}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"{FDF8FE52-3641-4250-9CFC-3B271BA11F71}" = dir=in | app=c:\program files\skype\phone\skype.exe | <br/>"TCP Query User{0999D5A9-2AF8-47C2-BB2E-AF7F7BBDF71C}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | <br/>"TCP Query User{0FF2D284-DCD6-436D-8E52-F603DAF28D23}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | <br/>"TCP Query User{511E190D-155B-4EAD-BD11-ECE65ACCB7C0}C:\program files\freetorrentviewer\freetorrentviewer.exe" = protocol=6 | dir=in | app=c:\program files\freetorrentviewer\freetorrentviewer.exe | <br/>"TCP Query User{65F0DA6E-7EB5-42AA-AC69-9D71154C6A76}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | <br/>"TCP Query User{684E7C50-248F-46BA-8B7C-0AD9908DFEB9}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | <br/>"TCP Query User{691F82F6-202A-4C8A-AC8D-EE3836C391AA}C:\users\surgery\appdata\local\temp\lmic88d.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\surgery\appdata\local\temp\lmic88d.tmp\lmi_rescue.exe | <br/>"TCP Query User{69F8BD00-9A74-41B1-B7E6-3779FE165B28}C:\users\shay\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=6 | dir=in | app=c:\users\shay\appdata\local\temp\ixp000.tmp\smpcsetup.exe | <br/>"TCP Query User{A25FAAA6-5771-429B-8D07-754BFDDB6646}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | <br/>"TCP Query User{A4F9DD5B-AFAB-4EC2-9B8F-B01AEA3FD619}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | <br/>"TCP Query User{B978353F-DAD5-43EF-9EF2-587707C19FAC}C:\program files\freetorrentviewer\freetorrentviewer.exe" = protocol=6 | dir=in | app=c:\program files\freetorrentviewer\freetorrentviewer.exe | <br/>"TCP Query User{BFF3079C-D7B8-442A-9BB2-139CC752D0AB}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | <br/>"TCP Query User{C2D8CAF5-A854-441A-8DF6-735817D22D64}C:\users\shay\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=6 | dir=in | app=c:\users\shay\appdata\local\temp\ixp000.tmp\smwinvnc.exe | <br/>"TCP Query User{FEDDEFC7-01C9-4514-A47A-D98B3A1F5053}C:\users\surgery\appdata\local\temp\lmie4f2.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\surgery\appdata\local\temp\lmie4f2.tmp\lmi_rescue.exe | <br/>"UDP Query User{0816121B-B559-47EE-8082-1CAD86AE02E0}C:\program files\freetorrentviewer\freetorrentviewer.exe" = protocol=17 | dir=in | app=c:\program files\freetorrentviewer\freetorrentviewer.exe | <br/>"UDP Query User{0E47D888-2D37-4F29-A21C-77E06C54C30F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | <br/>"UDP Query User{1E344974-87F2-43DB-BC1B-EC9F76092793}C:\users\surgery\appdata\local\temp\lmie4f2.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\surgery\appdata\local\temp\lmie4f2.tmp\lmi_rescue.exe | <br/>"UDP Query User{249C4F0F-D68C-4E68-9DEF-2F908CDF8722}C:\users\surgery\appdata\local\temp\lmic88d.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\surgery\appdata\local\temp\lmic88d.tmp\lmi_rescue.exe | <br/>"UDP Query User{2EE0BE7A-BC3C-40B2-B7FC-AC1EAE4194FF}C:\program files\freetorrentviewer\freetorrentviewer.exe" = protocol=17 | dir=in | app=c:\program files\freetorrentviewer\freetorrentviewer.exe | <br/>"UDP Query User{4EF93B22-DA60-42C2-BECD-E1BB79A0918B}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | <br/>"UDP Query User{5B5BCEAD-07CC-44F1-BF77-65C8DEBFC459}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | <br/>"UDP Query User{5D4AE46B-E840-4066-A791-097B4B4916A7}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | <br/>"UDP Query User{73A99B12-CBA4-4386-9CA0-FE76D2489F04}C:\users\shay\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=17 | dir=in | app=c:\users\shay\appdata\local\temp\ixp000.tmp\smpcsetup.exe | <br/>"UDP Query User{93861F13-F458-4E2E-B6A7-92C92116C882}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | <br/>"UDP Query User{CCF0B4EF-CB7F-44EB-A545-A82A40E71D74}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | <br/>"UDP Query User{D2BB52BE-0CC0-492D-A306-E126749C28CC}C:\users\shay\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=17 | dir=in | app=c:\users\shay\appdata\local\temp\ixp000.tmp\smwinvnc.exe | <br/>"UDP Query User{F94AEEEA-0910-4E81-A945-58D46C8C4545}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | <br/> <br/>[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] <br/>"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 <br/>"{0823A2E3-69DD-A37A-7CD9-1CBEB037545C}" = Toshiba Photo Service - powered by myphotobook <br/>"{08B857DF-E6F9-4283-853A-4F329CC09A4F}" = ESET NOD32 Antivirus <br/>"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer <br/>"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver <br/>"{1261B07E-88EB-42ED-B356-3D921EE91D90}" = Canon Utilities Digital Photo Professional 1.6 <br/>"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver <br/>"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist <br/>"{16480125-0428-4097-9A2A-74464004D169}" = EOS Capture 1.3 <br/>"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser <br/>"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker <br/>"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7.2 <br/>"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update <br/>"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions <br/>"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch <br/>"{22461A1C-BD68-4D90-9897-1DB146D55ECB}" = LogMeIn <br/>"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information <br/>"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10 <br/>"{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}" = Skype(TM) Launcher <br/>"{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = RemoteCapture Task 1.1 <br/>"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com <br/>"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 <br/>"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger <br/>"{2EB44B16-05EF-42FD-9300-A85CDEF60864}" = Free Word Excel Password Wizard <br/>"{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Internet Library <br/>"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver <br/>"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery <br/>"{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon Camera WIA Driver <br/>"{342126B2-10D5-409E-884B-245347A497E1}" = TOSHIBA Bulletin Board <br/>"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery <br/>"{3929824B-9502-4A02-B3F6-B9D2CD0CE617}" = Hofmann 7.3 <br/>"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile <br/>"{42451051-52B5-4D74-920A-BB49861D7253}" = TOSHIBA ReelTime <br/>"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR <br/>"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater <br/>"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password <br/>"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup <br/>"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility <br/>"{5662C158-CA24-4228-BF6C-596FADA08682}" = Camera Support Core Library <br/>"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack <br/>"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth <br/>"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator <br/>"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application <br/>"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center <br/>"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility <br/>"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE <br/>"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin <br/>"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER <br/>"{6D17E13B-FEBE-4E5F-B99A-AAF33794BC2F}" = Big Red Book Accounts v4 <br/>"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer <br/>"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable <br/>"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable <br/>"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 <br/>"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder <br/>"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime <br/>"{7B847C9D-6758-45E6-B598-3BD8F43EAE9E}" = Camera Window DS <br/>"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform <br/>"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync <br/>"{862983D7-FA08-493E-A9ED-6B7859E069D3}" = Canon PhotoRecord <br/>"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 <br/>"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver <br/>"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight <br/>"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT <br/>"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 <br/>"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) <br/>"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 <br/>"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) <br/>"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 <br/>"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) <br/>"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 <br/>"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) <br/>"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 <br/>"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) <br/>"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 <br/>"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) <br/>"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 <br/>"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 <br/>"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) <br/>"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 <br/>"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) <br/>"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 <br/>"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) <br/>"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In <br/>"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager <br/>"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals <br/>"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 <br/>"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) <br/>"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker <br/>"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting <br/>"{96040872-110D-4D38-AAF4-CAD66F340E21}" = LogMeIn Ignition <br/>"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader <br/>"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 <br/>"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver <br/>"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail <br/>"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor <br/>"{9F20CE56-3828-432D-A3C5-3EC6A2ED93C6}" = HP Deskjet 3070 B611 series Help <br/>"{A0F34E4E-25F0-4B68-AE8F-EF0C15CB1FED}" = RAW Image Task 2.0 <br/>"{A70D14C6-FF2C-4B8E-A643-7E74EC607614}" = Camera Window DVC <br/>"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer <br/>"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.co.uk <br/>"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper <br/>"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common <br/>"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer <br/>"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer <br/>"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync <br/>"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station <br/>"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2 <br/>"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter <br/>"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 <br/>"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy <br/>"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator <br/>"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars <br/>"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX <br/>"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant <br/>"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail <br/>"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition <br/>"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 <br/>"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 <br/>"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform <br/>"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert <br/>"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common <br/>"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform <br/>"{DBB7021A-3437-446F-ACE5-7261644A972C}" = Toshiba TEMPRO <br/>"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources <br/>"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 <br/>"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant <br/>"{E51E24A4-B1E2-4B51-9217-F3FD6F4334D2}" = HP Deskjet 3070 B611 series Basic Device Software <br/>"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger <br/>"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher <br/>"{E73534D5-CC93-4C63-9072-5A9734255C74}" = Camera Window MC <br/>"{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}" = eBay <br/>"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities <br/>"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 <br/>"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] <br/>"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver <br/>"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree <br/>"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials <br/>"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package <br/>"Adobe AIR" = Adobe AIR <br/>"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX <br/>"Audacity_is1" = Audacity 2.0 <br/>"AVS Audio Converter 6.2_is1" = AVS Audio Converter version 6.2 <br/>"AVS Update Manager_is1" = AVS Update Manager 1.0 <br/>"CCleaner" = CCleaner <br/>"Easy MP3 Cutter_is1" = Easy MP3 Cutter 2.9 <br/>"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Toshiba Photo Service - powered by myphotobook <br/>"FreeTorrentViewer" = FreeTorrentViewer <br/>"Google Chrome" = Google Chrome <br/>"HDMI" = Intel(R) Graphics Media Accelerator Driver <br/>"HijackThis" = HijackThis 2.0.2 <br/>"HOMESTUDENTR" = Microsoft Office Home and Student 2007 <br/>"InstallShield_{1261B07E-88EB-42ED-B356-3D921EE91D90}" = Canon Utilities Digital Photo Professional 1.6 <br/>"InstallShield_{16480125-0428-4097-9A2A-74464004D169}" = Canon Utilities EOS Capture 1.3 <br/>"InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1 <br/>"InstallShield_{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = Canon RemoteCapture Task for ZoomBrowser EX <br/>"InstallShield_{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Canon Internet Library for ZoomBrowser EX <br/>"InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon EOS Kiss_N REBEL_XT 350D WIA Driver <br/>"InstallShield_{342126B2-10D5-409E-884B-245347A497E1}" = TOSHIBA Bulletin Board <br/>"InstallShield_{42451051-52B5-4D74-920A-BB49861D7253}" = TOSHIBA ReelTime <br/>"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password <br/>"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup <br/>"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility <br/>"InstallShield_{5662C158-CA24-4228-BF6C-596FADA08682}" = Canon Camera Support Core Library <br/>"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center <br/>"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility <br/>"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder <br/>"InstallShield_{7B847C9D-6758-45E6-B598-3BD8F43EAE9E}" = Canon Camera Window DS for ZoomBrowser EX <br/>"InstallShield_{A0F34E4E-25F0-4B68-AE8F-EF0C15CB1FED}" = Canon RAW Image Task for ZoomBrowser EX <br/>"InstallShield_{A70D14C6-FF2C-4B8E-A643-7E74EC607614}" = Canon Camera Window DVC for ZoomBrowser EX <br/>"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition <br/>"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert <br/>"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher <br/>"InstallShield_{E73534D5-CC93-4C63-9072-5A9734255C74}" = Canon Camera Window for ZoomBrowser EX <br/>"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package <br/>"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 <br/>"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 <br/>"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile <br/>"Picasa 3" = Picasa 3 <br/>"RealPlayer 15.0" = RealPlayer <br/>"SynTPDeinstKey" = Synaptics Pointing Device Driver <br/>"Thesaurus 2010 Payroll" = Thesaurus 2010 Payroll Standard Version <br/>"TrueCrypt" = TrueCrypt <br/>"VLC media player" = VLC media player 1.1.0 <br/>"WavePad" = WavePad Sound Editor <br/>"WinLiveSuite" = Windows Live Essentials <br/>"WinRAR archiver" = WinRAR archiver <br/>"Word Password Recovery Master_is1" = Word Password Recovery Master 3.5 <br/>"Yahoo! Messenger" = Yahoo! Messenger <br/> <br/>[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] <br/> <br/>[HKEY_USERS\S-1-5-21-1379762275-1066828835-1910331368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] <br/> <br/>[color=#E56717]========== Last 20 Event Log Errors ==========[/color] <br/> <br/>[ Application Events ] <br/>Error - 9/14/2011 3:01:55 AM | Computer Name = Shay-TOSH.surgery.local | Source = MsiInstaller | ID = 11314 <br/>Description = <br/> <br/>Error - 9/24/2011 1:10:12 PM | Computer Name = Shay-TOSH.surgery.local | Source = Application Error | ID = 1000 <br/>Description = Faulting application name: chrome.exe, version: 14.0.835.186, time <br/> stamp: 0x4e77dea9 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time <br/> stamp: 0x4ce7b96e Exception code: 0xc0000374 Fault offset: 0x000c37b7 Faulting process <br/> id: 0x2774 Faulting application start time: 0x01cc7adc86a2d1b4 Faulting application <br/> path: C:\Program Files\Google\Chrome\Application\chrome.exe Faulting module path: <br/> C:\Windows\SYSTEM32\ntdll.dll Report Id: 0ff7d31e-e6d0-11e0-a762-705ab68673d7 <br/> <br/>Error - 10/11/2011 3:24:28 PM | Computer Name = Shay-TOSH.surgery.local | Source = Software Protection Platform Service | ID = 8200 <br/>Description = License acquisition failure details. hr=0x8004FE2C <br/> <br/>Error - 10/11/2011 3:24:28 PM | Computer Name = Shay-TOSH.surgery.local | Source = Software Protection Platform Service | ID = 8208 <br/>Description = Acquisition of genuine ticket failed (hr=0x8004FE2C) for template <br/>Id 66c92734-d682-4d71-983e-d6ec3f16059f <br/> <br/>Error - 10/14/2011 11:20:54 PM | Computer Name = Shay-TOSH.surgery.local | Source = Application Hang | ID = 1002 <br/>Description = The program chrome.exe version 14.0.835.202 stopped interacting with <br/> Windows and was closed. To see if more information about the problem is available, <br/> check the problem history in the Action Center control panel. Process ID: 78c Start <br/> Time: 01cc8adc952ce206 Termination Time: 0 Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe <br/> <br/>Report <br/> Id: <br/> <br/>Error - 11/4/2011 8:13:41 PM | Computer Name = Shay-TOSH.surgery.local | Source = Application Hang | ID = 1002 <br/>Description = The program msnmsgr.exe version 15.4.3538.513 stopped interacting <br/>with Windows and was closed. To see if more information about the problem is available, <br/> check the problem history in the Action Center control panel. Process ID: c14 Start <br/> Time: 01cc9ac6a28fccd9 Termination Time: 0 Application Path: C:\Program Files\Windows <br/> Live\Messenger\msnmsgr.exe Report Id: fa3fdd75-0742-11e1-9ef6-705ab68673d7 <br/> <br/>Error - 11/12/2011 2:19:52 PM | Computer Name = Shay-TOSH.surgery.local | Source = Application Error | ID = 1000 <br/>Description = Faulting application name: wlcomm.exe, version: 15.4.3538.513, time <br/> stamp: 0x4dcda787 Faulting module name: PresenceIM.dll_unloaded, version: 0.0.0.0, <br/> time stamp: 0x4dcdb16e Exception code: 0xc0000005 Fault offset: 0x69a315d0 Faulting <br/> process id: 0x14fc Faulting application start time: 0x01cca161eec5c36e Faulting application <br/> path: C:\Program Files\Windows Live\Contacts\wlcomm.exe Faulting module path: PresenceIM.dll <br/>Report <br/> Id: e98b6c16-0d5a-11e1-9372-705ab68673d7 <br/> <br/>Error - 11/12/2011 7:12:42 PM | Computer Name = Shay-TOSH.surgery.local | Source = MsiInstaller | ID = 11606 <br/>Description = <br/> <br/>Error - 11/12/2011 7:12:42 PM | Computer Name = Shay-TOSH.surgery.local | Source = MsiInstaller | ID = 11606 <br/>Description = <br/> <br/>Error - 11/13/2011 6:22:30 PM | Computer Name = Shay-TOSH.surgery.local | Source = Application Hang | ID = 1002 <br/>Description = The program chrome.exe version 15.0.874.120 stopped interacting with <br/> Windows and was closed. To see if more information about the problem is available, <br/> check the problem history in the Action Center control panel. Process ID: 9ec Start <br/> Time: 01cca22b34069080 Termination Time: 16 Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe <br/> <br/>Report <br/> Id: <br/> <br/>[ System Events ] <br/>Error - 1/6/2013 7:11:32 PM | Computer Name = Shay-TOSH.surgery.local | Source = NETLOGON | ID = 5719 <br/>Description = This computer was not able to set up a secure session with a domain <br/>controller <br/> in domain SURGERY due to the following: %%1311 This may lead to authentication problems. <br/> Make sure that this computer is connected to the network. If the problem persists, <br/>please <br/> contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller <br/> for the specified domain, it sets up the secure session to the primary domain controller <br/> emulator in the specified domain. Otherwise, this computer sets up the secure session <br/> to any domain controller in the specified domain. <br/> <br/>Error - 1/7/2013 3:40:24 AM | Computer Name = Shay-TOSH.surgery.local | Source = NETLOGON | ID = 5719 <br/>Description = This computer was not able to set up a secure session with a domain <br/>controller <br/> in domain SURGERY due to the following: %%1311 This may lead to authentication problems. <br/> Make sure that this computer is connected to the network. If the problem persists, <br/>please <br/> contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller <br/> for the specified domain, it sets up the secure session to the primary domain controller <br/> emulator in the specified domain. Otherwise, this computer sets up the secure session <br/> to any domain controller in the specified domain. <br/> <br/>Error - 1/7/2013 2:34:51 PM | Computer Name = Shay-TOSH.surgery.local | Source = NETLOGON | ID = 5719 <br/>Description = This computer was not able to set up a secure session with a domain <br/>controller <br/> in domain SURGERY due to the following: %%1311 This may lead to authentication problems. <br/> Make sure that this computer is connected to the network. If the problem persists, <br/>please <br/> contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller <br/> for the specified domain, it sets up the secure session to the primary domain controller <br/> emulator in the specified domain. Otherwise, this computer sets up the secure session <br/> to any domain controller in the specified domain. <br/> <br/>Error - 1/7/2013 2:34:52 PM | Computer Name = Shay-TOSH.surgery.local | Source = DCOM | ID = 10010 <br/>Description = <br/> <br/>Error - 1/7/2013 4:24:12 PM | Computer Name = Shay-TOSH.surgery.local | Source = Microsoft-Windows-GroupPolicy | ID = 1129 <br/>Description = The processing of Group Policy failed because of lack of network connectivity <br/> to a domain controller. This may be a transient condition. A success message would <br/> be generated once the machine gets connected to the domain controller and Group <br/> Policy has succesfully processed. If you do not see a success message for several <br/> hours, then contact your administrator. <br/> <br/>Error - 1/8/2013 4:41:58 PM | Computer Name = Shay-TOSH.surgery.local | Source = NETLOGON | ID = 5719 <br/>Description = This computer was not able to set up a secure session with a domain <br/>controller <br/> in domain SURGERY due to the following: %%1311 This may lead to authentication problems. <br/> Make sure that this computer is connected to the network. If the problem persists, <br/>please <br/> contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller <br/> for the specified domain, it sets up the secure session to the primary domain controller <br/> emulator in the specified domain. Otherwise, this computer sets up the secure session <br/> to any domain controller in the specified domain. <br/> <br/>Error - 1/8/2013 4:42:43 PM | Computer Name = Shay-TOSH.surgery.local | Source = Microsoft-Windows-GroupPolicy | ID = 1129 <br/>Description = The processing of Group Policy failed because of lack of network connectivity <br/> to a domain controller. This may be a transient condition. A success message would <br/> be generated once the machine gets connected to the domain controller and Group <br/> Policy has succesfully processed. If you do not see a success message for several <br/> hours, then contact your administrator. <br/> <br/>Error - 1/8/2013 5:19:31 PM | Computer Name = Shay-TOSH.surgery.local | Source = NETLOGON | ID = 5719 <br/>Description = This computer was not able to set up a secure session with a domain <br/>controller <br/> in domain SURGERY due to the following: %%1311 This may lead to authentication problems. <br/> Make sure that this computer is connected to the network. If the problem persists, <br/>please <br/> contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller <br/> for the specified domain, it sets up the secure session to the primary domain controller <br/> emulator in the specified domain. Otherwise, this computer sets up the secure session <br/> to any domain controller in the specified domain. <br/> <br/>Error - 1/8/2013 5:20:13 PM | Computer Name = Shay-TOSH.surgery.local | Source = Microsoft-Windows-GroupPolicy | ID = 1129 <br/>Description = The processing of Group Policy failed because of lack of network connectivity <br/> to a domain controller. This may be a transient condition. A success message would <br/> be generated once the machine gets connected to the domain controller and Group <br/> Policy has succesfully processed. If you do not see a success message for several <br/> hours, then contact your administrator. <br/> <br/>Error - 1/8/2013 5:21:07 PM | Computer Name = Shay-TOSH.surgery.local | Source = DCOM | ID = 10016 <br/>Description = <br/> <br/> <br/>< End of report >
Posted 1/9/2013 9:45 AM
#94959
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
It seems that your hosts file is invaded by someone suspicious addresses, which can very easily be the cause of problems <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; FONT-WEIGHT: normal; mso-ansi-language: EN; mso-bidi-font-weight: bold" lang=EN>We need to run an OTL Fix<SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN><BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break"><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN; mso-fareast-font-family: 'Arial Unicode MS'" lang=EN><?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p> <br/> <br/><UL type=disc> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN>Please reopen OTL on your desktop.<o:p></o:p> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; FONT-WEIGHT: normal; mso-ansi-language: EN; mso-bidi-font-weight: bold" lang=EN>Copy<SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN> and <SPAN style="FONT-FAMILY: Tahoma; FONT-WEIGHT: normal; mso-bidi-font-weight: bold">Paste the following in bold into the<SPAN style="mso-spacerun: yes"> Custom Scan textbox. <o:p></o:p></LI></UL><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore"><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>:<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>OTL <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB>O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN><o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB>O2 - BHO: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files\searchresults\searchresultsDx.dll File not found <br/> <br/>O3 - HKLM\..\Toolbar: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files\searchresults\searchresultsDx.dll File not found <br/> <br/>O3 - HKU\S-1-5-21-1379762275-1066828835-1910331368-1000\..\Toolbar\WebBrowser: (no name) - {0FC85F5D-6207-4515-A490-45A549D285C0} - No CLSID value found. <br/> <br/>O3 - HKU\S-1-5-21-1379762275-1066828835-1910331368-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. <br/> <br/>O4 - HKLM..\Run: [autoauto] C:\Windows\System32\c.bat ()<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB>O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} <SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt"><SPAN style="FONT-FAMILY: 'Courier New'; mso-ansi-language: EN-GB" lang=EN-GB>[color=#006597>http://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab</FONT>[/url]<SPAN] (Reg Error: Value error.) <br/> <br/>O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} <SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt"><SPAN style="FONT-FAMILY: 'Courier New'; mso-ansi-language: EN-GB" lang=EN-GB><FONT color=#006597>http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab[/color][/url]<SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB> (Reg Error: Key error.)<SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN><o:p></o:p>[/b]</PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB>ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. <br/> <br/>[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] <br/> <br/></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>:<SPAN class=typ><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>Files<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>ipconfig <SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>/<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>flushdns <SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>/<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>c <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>:<SPAN class=typ><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>Commands<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>[<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>purity<SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>]<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>[<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>resethosts<SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>]<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>[<SPAN class=typ><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>CreateRestorePoint<SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>]<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 18pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>[<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>emptytemp<SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>]<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN><SPAN style="mso-spacerun: yes"> [<SPAN class=pln><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>EMPTYFLASH<SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN>]<o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN><o:p> </o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Tahoma; mso-ansi-language: EN" lang=EN><o:p></o:p><SPAN style="FONT-FAMILY: Arial; FONT-SIZE: 9pt; mso-ansi-language: EN-GB" lang=EN-GB>[color=red>To]</o:p>[/color]</PRE> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt" lang=EN-GB><o:p> </o:p> <br/> <br/><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB><o:p> </o:p> <br/> <br/><UL type=disc> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; FONT-WEIGHT: normal; mso-ansi-language: EN; mso-bidi-font-weight: bold" lang=EN>Push<SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN><SPAN style="mso-spacerun: yes"> Run Fix Button<o:p></o:p> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; COLOR: red; FONT-SIZE: 10pt; FONT-WEIGHT: normal; mso-ansi-language: EN; mso-bidi-font-weight: bold" lang=EN>OTL may ask to reboot the machine. Please do so if asked.<SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN><o:p></o:p> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; FONT-WEIGHT: normal; mso-ansi-language: EN; mso-bidi-font-weight: bold" lang=EN>Click<SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN> OK.<o:p></o:p> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN>A report will open. <SPAN style="FONT-FAMILY: Tahoma; FONT-WEIGHT: normal; mso-bidi-font-weight: bold">Copy and <SPAN style="FONT-FAMILY: Tahoma; FONT-WEIGHT: normal; mso-bidi-font-weight: bold">Paste that report in your next reply.<o:p></o:p> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto" class=MsoNormal><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN>If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.</LI></UL> <br/><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN> <br/><SPAN style="FONT-FAMILY: Tahoma; FONT-SIZE: 10pt; mso-ansi-language: EN" lang=EN> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB>Please download Combofix from: http://download.bleepingcomputer.com/sUBs/ComboFix.exe <br/> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB> <br/> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><SPAN style="mso-spacerun: yes"> And save to the desktop.<o:p></o:p> <br/> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><o:p> </o:p> <br/> <br/><SPAN style="FONT-FAMILY: Arial; FONT-SIZE: 9pt; mso-ansi-language: EN-GB" lang=EN-GB>After the download is complete, perform the following tasks before using the ComboFix tool to scan your PC: <br/>Exit all windows that are currently open on your computer.<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Arial; FONT-SIZE: 9pt; mso-ansi-language: EN-GB" lang=EN-GB>To prevent interference, temporarily disable your antivirus, antispyware, firewall and other security tools that may be running on your computer.<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt" lang=EN-GB><o:p> </o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN; mso-bidi-font-size: 11.0pt" lang=EN> <o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB" lang=EN-GB>Double-click on the combofix icon found on your desktop. <o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB" lang=EN-GB> <o:p></o:p> <br/> <br/><B style="mso-bidi-font-weight: normal"><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt" lang=EN-GB>Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. </B> <br/> <br/><B style="mso-bidi-font-weight: normal"><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt" lang=EN-GB>In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.<o:p></o:p></B> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt" lang=EN-GB> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><SPAN style="mso-spacerun: yes"> When finished, it will produce a logfile located at C:\combofix.txt.<SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><o:p></o:p> <br/> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB> <SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt" lang=EN-GB> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB>Post the contents of that log in your next reply <o:p></o:p> <br/> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><o:p> </o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN; mso-bidi-font-size: 12.0pt" lang=EN>The logs will be reasonably large so you may have to divide them into sections and make several posts to post them. <br/><BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break"><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><o:p></o:p> <br/> <br/><o:p></o:p>

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 1/9/2013 8:08 PM
#94961
User avatar

Irishguy 7 Member

Date Joined Nov 2016
Total Posts: 4
Thank you, I enclose the 2 logs <br/>All processes killed <br/>========== OTL ========== <br/>Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. <br/>Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fa63398e-322b-4833-9af3-15837ad12138}\ deleted successfully. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa63398e-322b-4833-9af3-15837ad12138}\ deleted successfully. <br/>Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{fa63398e-322b-4833-9af3-15837ad12138} deleted successfully. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa63398e-322b-4833-9af3-15837ad12138}\ not found. <br/>Registry value HKEY_USERS\S-1-5-21-1379762275-1066828835-1910331368-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0FC85F5D-6207-4515-A490-45A549D285C0} deleted successfully. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FC85F5D-6207-4515-A490-45A549D285C0}\ not found. <br/>Registry value HKEY_USERS\S-1-5-21-1379762275-1066828835-1910331368-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. <br/>Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\autoauto deleted successfully. <br/>C:\Windows\System32\c.bat moved successfully. <br/>Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. <br/>Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. <br/>Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} <br/>C:\Windows\Downloaded Program Files\gp.inf not found. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\ deleted successfully. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\ deleted successfully. <br/>Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\ not found. <br/>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\ not found. <br/>C:\Windows\msdownld.tmp folder deleted successfully. <br/>========== FILES ========== <br/>[color=#A23BEC]< ipconfig /flushdns /c >[/color] <br/>Windows IP Configuration <br/>Successfully flushed the DNS Resolver Cache. <br/>C:\Users\Shay\Desktop\cmd.bat deleted successfully. <br/>C:\Users\Shay\Desktop\cmd.txt deleted successfully. <br/>========== COMMANDS ========== <br/>C:\Windows\System32\drivers\etc\Hosts moved successfully. <br/>HOSTS file reset successfully <br/>Restore point Set: OTL Restore Point <br/> <br/>[EMPTYTEMP] <br/> <br/>User: All Users <br/> <br/>User: Default <br/>->Temp folder emptied: 0 bytes <br/>->Temporary Internet Files folder emptied: 134 bytes <br/>->Flash cache emptied: 41044 bytes <br/> <br/>User: Default User <br/>->Temp folder emptied: 0 bytes <br/>->Temporary Internet Files folder emptied: 0 bytes <br/>->Flash cache emptied: 0 bytes <br/> <br/>User: Public <br/> <br/>User: Shay <br/>->Temp folder emptied: 1750809 bytes <br/>->Temporary Internet Files folder emptied: 83529921 bytes <br/>->Java cache emptied: 9406257 bytes <br/>->Google Chrome cache emptied: 109704495 bytes <br/>->Flash cache emptied: 58413 bytes <br/> <br/>User: surgery <br/>->Temp folder emptied: 776623 bytes <br/>->Temporary Internet Files folder emptied: 64325352 bytes <br/>->Flash cache emptied: 42909 bytes <br/> <br/>%systemdrive% .tmp files removed: 0 bytes <br/>%systemroot% .tmp files removed: 0 bytes <br/>%systemroot%\System32 .tmp files removed: 0 bytes <br/>%systemroot%\System32\drivers .tmp files removed: 0 bytes <br/>Windows Temp folder emptied: 79370 bytes <br/>RecycleBin emptied: 0 bytes <br/> <br/>Total Files Cleaned = 257.00 mb <br/> <br/> <br/>[EMPTYFLASH] <br/> <br/>User: All Users <br/> <br/>User: Default <br/>->Flash cache emptied: 0 bytes <br/> <br/>User: Default User <br/>->Flash cache emptied: 0 bytes <br/> <br/>User: Public <br/> <br/>User: Shay <br/>->Flash cache emptied: 0 bytes <br/> <br/>User: surgery <br/>->Flash cache emptied: 0 bytes <br/> <br/>Total Flash Files Cleaned = 0.00 mb <br/> <br/> <br/>OTL by OldTimer - Version 3.2.69.0 log created on 01092013_193607 <br/> <br/>Files\Folders moved on Reboot... <br/> <br/>PendingFileRenameOperations files... <br/> <br/>Registry entries deleted on Reboot... <br/> <br/> <br/>COMBOFIX LOG <br/> <br/>ComboFix 13-01-08.01 - Shay 09/01/2013 19:48:34.1.2 - x86 <br/>Microsoft Windows 7 Professional 6.1.7601.1.1252.353.1033.18.2909.1622 [GMT 0:00] <br/>Running from: c:\users\Shay\Desktop\ComboFix.exe <br/>AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} <br/>SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} <br/>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>c:\windows\system32\URTTemp <br/>c:\windows\system32\URTTemp\regtlib.exe <br/>c:\windows\system32\v.vbs <br/>. <br/>Infected copy of c:\windows\system32\Services.exe was found and disinfected <br/>Restored copy from - c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe <br/>. <br/>. <br/>((((((((((((((((((((((((( Files Created from 2012-12-09 to 2013-01-09 ))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>2013-01-09 19:56 . 2010-03-09 20:47 5283152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F25AF3A3-962F-4AEE-8909-B936886E5CE7}\mpengine.dll <br/>2013-01-09 19:55 . 2013-01-09 19:55 -------- d-----w- c:\users\surgery\AppData\Local\temp <br/>2013-01-09 19:55 . 2013-01-09 19:55 -------- d-----w- c:\users\Default\AppData\Local\temp <br/>2013-01-09 19:36 . 2013-01-09 19:36 -------- d-----w- C:\_OTL <br/>2013-01-09 19:28 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0606E4BF-B553-43FB-8F59-C831F446B3DF}\mpengine.dll <br/>2013-01-06 19:00 . 2013-01-06 19:00 -------- d-----w- c:\program files\Trend Micro <br/>2013-01-06 18:54 . 2013-01-06 18:54 -------- d-----w- c:\program files\Common Files\Java <br/>2013-01-06 18:54 . 2013-01-06 18:53 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll <br/>2013-01-05 14:33 . 2013-01-05 14:33 -------- d-----w- c:\program files\CCleaner <br/>2013-01-05 08:30 . 2013-01-05 08:30 44424 ----a-w- c:\windows\system32\sbbd.exe <br/>2013-01-05 08:30 . 2013-01-05 08:30 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys <br/>2013-01-05 08:29 . 2013-01-05 08:29 -------- d-----w- c:\program files\Toolbar Cleaner <br/>2012-12-30 15:18 . 2012-12-30 15:18 -------- d-----w- c:\users\Shay\AppData\Local\Programs <br/>2012-12-21 06:49 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll <br/>2012-12-21 06:49 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll <br/>2012-12-12 06:20 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll <br/>2012-12-12 06:19 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll <br/>. <br/>. <br/>. <br/>(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>2013-01-08 20:43 . 2012-03-31 01:31 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe <br/>2013-01-08 20:43 . 2011-05-18 21:51 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl <br/>2013-01-06 18:53 . 2012-10-23 06:34 859072 ----a-w- c:\windows\system32\npDeployJava1.dll <br/>2012-12-14 16:49 . 2012-10-17 02:29 21104 ----a-w- c:\windows\system32\drivers\mbam.sys <br/>2012-10-23 06:33 . 2011-03-13 15:31 746984 ----a-w- c:\windows\system32\deployJava1.dll <br/>2012-10-17 19:16 . 2012-07-05 21:18 14664 ----a-w- c:\windows\stinger.sys <br/>2012-10-16 07:39 . 2012-11-27 18:39 561664 ----a-w- c:\windows\apppatch\AcLayers.dll <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>*Note* empty entries & legit default entries are not shown <br/>REGEDIT4 <br/>. <br/>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"HP Deskjet 3070 B611 series (NET)"="c:\program files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" [2011-03-30 1721192] <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256] <br/>"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 425984] <br/>"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088] <br/>"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 611672] <br/>"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072] <br/>"TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2009-08-06 466792] <br/>"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2009-08-06 29528] <br/>"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 141848] <br/>"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 174104] <br/>"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 151064] <br/>"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 476512] <br/>"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160] <br/>"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-08-13 521528] <br/>"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616] <br/>"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-28 7625248] <br/>"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512] <br/>"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2009-08-26 1324384] <br/>"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136] <br/>"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2009-08-06 611672] <br/>"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648] <br/>"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2009-07-30 134032] <br/>"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-03-24 2145000] <br/>"TkBellExe"="c:\program files\Real\realplayer\update\realsched.exe" [2011-11-27 296056] <br/>"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] <br/>. <br/>c:\users\surgery\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ <br/>OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] <br/>TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184] <br/>. <br/>c:\users\Shay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ <br/>OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] <br/>TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184] <br/>. <br/>c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ <br/>TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184] <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] <br/>"ConsentPromptBehaviorAdmin"= 0 (0x0) <br/>"ConsentPromptBehaviorUser"= 3 (0x3) <br/>"EnableLUA"= 0 (0x0) <br/>"EnableUIADesktopToggle"= 0 (0x0) <br/>"PromptOnSecureDesktop"= 0 (0x0) <br/>. <br/>R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] <br/>R3 BFAIFILT;BFAIFILT;c:\windows\system32\Drivers\bfaifilt.sys [x] <br/>R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] <br/>R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x] <br/>R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] <br/>R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187B.sys [x] <br/>R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] <br/>R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] <br/>R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] <br/>S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x] <br/>S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x] <br/>S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [x] <br/>S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [x] <br/>S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] <br/>S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x] <br/>S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x] <br/>S2 LMIGuardianSvc;Support LogMeIn processes with quality assurance feedback;c:\program files\LogMeIn Ignition\LMIGuardianSvc.exe [x] <br/>S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x] <br/>S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] <br/>S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x] <br/>S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [x] <br/>S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x] <br/>S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [x] <br/>S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [x] <br/>S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x] <br/>S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x] <br/>S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] <br/>S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x] <br/>S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] <br/>S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x] <br/>S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x] <br/>S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x] <br/>S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x] <br/>. <br/>. <br/>--- Other Services/Drivers In Memory --- <br/>. <br/>*NewlyCreated* - WS2IFSL <br/>. <br/>Contents of the 'Scheduled Tasks' folder <br/>. <br/>2013-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job <br/>- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 20:44] <br/>. <br/>2013-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job <br/>- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-14 21:56] <br/>. <br/>2013-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job <br/>- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-14 21:56] <br/>. <br/>2013-01-08 c:\windows\Tasks\ReclaimerUpdateFiles_Shay.job <br/>- c:\users\Shay\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 22:57] <br/>. <br/>2013-01-08 c:\windows\Tasks\ReclaimerUpdateXML_Shay.job <br/>- c:\users\Shay\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 22:57] <br/>. <br/>2013-01-09 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Shay.job <br/>- c:\users\Shay\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 22:57] <br/>. <br/>. <br/>------- Supplementary Scan ------- <br/>. <br/>uStart Page = hxxp://bubbleshooter.com/ <br/>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 <br/>IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 <br/>IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html <br/>TCP: DhcpNameServer = 192.168.1.254 <br/>. <br/>- - - - ORPHANS REMOVED - - - - <br/>. <br/>URLSearchHooks-{0fc85f5d-6207-4515-a490-45a549d285c0} - (no file) <br/>HKU-Default-Run-TOSHIBA Online Product Information - c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe <br/>SafeBoot-mcmscsvc <br/>SafeBoot-MCODS <br/>. <br/>. <br/>. <br/>--------------------- LOCKED REGISTRY KEYS --------------------- <br/>. <br/>[HKEY_USERS\S-1-5-21-1379762275-1066828835-1910331368-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{570FCB08-C562-C05F-29F0-99CA49D09F25}*] <br/>"hagicefndmndhhli"=hex:6a,61,70,70,70,6e,64,6a,70,70,65,69,6a,6b,64,70,68,69, <br/> 6e,70,00,00 <br/>"ganjbghnldnkpg"=hex:61,63,69,70,68,6d,6b,6a,62,63,6d,62,6f,65,69,63,66,61,6d, <br/> 6e,70,66,70,61,63,6f,6b,66,62,67,62,68,68,66,6c,6d,69,6b,65,67,61,68,6c,61,\ <br/>"iaiiaeifgjlcipmeme"=hex:6a,61,70,70,70,6e,64,6a,70,70,65,69,6a,6b,64,70,68,69, <br/> 6e,70,00,00 <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] <br/>@Denied: (A) (Users) <br/>@Denied: (A) (Everyone) <br/>@Allowed: (B 1 2 3 4 5) (S-1-5-20) <br/>"BlindDial"=dword:00000000 <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] <br/>@Denied: (Full) (Everyone) <br/>. <br/>------------------------ Other Running Processes ------------------------ <br/>. <br/>c:\windows\system32\TODDSrv.exe <br/>c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe <br/>c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE <br/>c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe <br/>c:\windows\system32\taskhost.exe <br/>c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe <br/>c:\windows\system32\conhost.exe <br/>c:\windows\system32\igfxsrvc.exe <br/>c:\program files\Synaptics\SynTP\SynTPHelper.exe <br/>c:\windows\system32\igfxext.exe <br/>c:\program files\TOSHIBA\ConfigFree\NDSTray.exe <br/>c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe <br/>c:\windows\system32\sppsvc.exe <br/>c:\program files\Windows Media Player\wmpnetwk.exe <br/>c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe <br/>c:\program files\TOSHIBA\TPHM\TPCHWMsg.exe <br/>. <br/>************************************************************************** <br/>. <br/>Completion time: 2013-01-09 20:02:10 - machine was rebooted <br/>ComboFix-quarantined-files.txt 2013-01-09 20:02 <br/>. <br/>Pre-Run: 168,406,171,648 bytes free <br/>Post-Run: 168,284,450,816 bytes free <br/>. <br/>- - End Of File - - 709A5DA627925EFD84179E3562E1ACEC
Posted 1/12/2013 7:26 AM
#94963
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Looks fine to me, how do things behave on your computer ?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 1/12/2013 2:06 PM
#94965
User avatar

Irishguy 7 Member

Date Joined Nov 2016
Total Posts: 4
The problem I have is that when I run Google Chrome browser that pop up windows (http://ad.directrev.com/RealMedia/ads/adstream_sx.ads/S0000481/1%5brandomNo%5d@x10) appear when I click a link. This happens all of the time and the browser often freezes. Drop down menus that are used on pages do not work. Even on this forum I cannot use the submit when I use Chrome and I have to post the replies in Internet Explorer browser. <br/> I uninstalled and reinstalled Chrome but there was no difference. <br/>The problem does not happen with Internet Explorer.
Posted 1/14/2013 9:41 AM
#94975
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
That´s annoying :rolleyes: <br/> <br/> <br/> <br/> <br/>See if Chrome adblock can do the trick....... <br/>https://adblockplus.org/en/chrome

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, December 10, 2016, 2:26 AM (GMT +1)
There are a total of 61,163 posts in 13,450 threads.
In the last 3 days there were 1 new threads and 3 reply posts.

Who's online

This forum has 37,969 registered members. Please welcome our newest member, Heisenberg.
There are currently no users on-line.