Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Wise Convert Community Toolbar
Message
<blockquote data-quote="ArizEagle" data-source="post: 92342" data-attributes="member: 4153"><p>Here are the results of the OTL Scan:</p><p></p><p>OTL logfile created on: 12/29/2012 1:42:52 AM - Run 1</p><p>OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Downloads</p><p>Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation</p><p>Internet Explorer (Version = 9.0.8112.16421)</p><p>Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy</p><p> </p><p>2.90 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 45.05% Memory free</p><p>6.85 Gb Paging File | 5.21 Gb Available in Paging File | 76.03% Paging File free</p><p>Paging file location(s): c:\pagefile.sys 4096 4096 [binary data]</p><p> </p><p>%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files</p><p>Drive C: | 138.70 Gb Total Space | 83.84 Gb Free Space | 60.44% Space Free | Partition Type: NTFS</p><p>Drive D: | 10.34 Gb Total Space | 1.78 Gb Free Space | 17.17% Space Free | Partition Type: NTFS</p><p> </p><p>Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.</p><p>Boot Mode: Normal | Scan Mode: All users</p><p>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days</p><p> </p><p><span style="color: #E56717">========== Processes (SafeList) ==========</span></p><p> </p><p>PRC - File not found</p><p>PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (Adobe Systems, Inc.)</p><p>PRC - C:\Program Files\AVG Secure Search\vprot.exe ()</p><p>PRC - C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)</p><p>PRC - C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)</p><p>PRC - C:\Program Files\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)</p><p>PRC - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)</p><p>PRC - C:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.)</p><p>PRC - C:\Program Files\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.)</p><p>PRC - C:\Program Files\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)</p><p>PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()</p><p>PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)</p><p>PRC - C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)</p><p>PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)</p><p>PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)</p><p>PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)</p><p>PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)</p><p>PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()</p><p>PRC - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)</p><p>PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)</p><p>PRC - C:\Windows\explorer.exe (Microsoft Corporation)</p><p>PRC - C:\Program Files\SMINST\BLService.exe ()</p><p> </p><p> </p><p><span style="color: #E56717">========== Modules (No Company Name) ==========</span></p><p> </p><p>MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()</p><p>MOD - C:\Program Files\AVG Secure Search\vprot.exe ()</p><p>MOD - C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll ()</p><p>MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll ()</p><p>MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()</p><p>MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()</p><p>MOD - C:\Program Files\OpenOffice.org 3\program\libxslt.dll ()</p><p> </p><p> </p><p><span style="color: #E56717">========== Services (SafeList) ==========</span></p><p> </p><p>SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)</p><p>SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)</p><p>SRV - (avgwd) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)</p><p>SRV - (vToolbarUpdater13.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()</p><p>SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)</p><p>SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe (McAfee, Inc.)</p><p>SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)</p><p>SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)</p><p>SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()</p><p>SRV - (Recovery Service for Windows) -- C:\Program Files\SMINST\BLService.exe ()</p><p>SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)</p><p> </p><p> </p><p><span style="color: #E56717">========== Driver Services (SafeList) ==========</span></p><p> </p><p>DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found</p><p>DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found</p><p>DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found</p><p>DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )</p><p>DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)</p><p>DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )</p><p>DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)</p><p>DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)</p><p>DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)</p><p>DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)</p><p>DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )</p><p>DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)</p><p>DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)</p><p>DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)</p><p>DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )</p><p>DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)</p><p>DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)</p><p>DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)</p><p>DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)</p><p> </p><p> </p><p><span style="color: #E56717">========== Standard Registry (SafeList) ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== Internet Explorer ==========</span></p><p> </p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb</p><p>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb</p><p>IE - HKLM\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)</p><p>IE - HKLM\..\SearchScopes,DefaultScope = {7DC7C2A9-63BE-4EDF-99EF-028F49D65B85}</p><p>IE - HKLM\..\SearchScopes\{7DC7C2A9-63BE-4EDF-99EF-028F49D65B85}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF</p><p>IE - HKLM\..\SearchScopes\{86336D6B-C1D5-4EC7-B038-A0D3290449FD}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscql</p><p> </p><p> </p><p>IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p> </p><p>IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p> </p><p> </p><p> </p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb</p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve</p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/</p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)</p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}</p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes\{1B51FEB4-E04C-4DD1-AFC1-4F0ABD02ED51}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}</p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes\{7DC7C2A9-63BE-4EDF-99EF-028F49D65B85}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox</p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={1DD32051-58E8-4EEB-A7B5-F47D5D4FE0DA}&mid=ce0793b5593c47d6a4e6d156509fa4c0-ff9a8face4ef37f8745aabf7f6f2f7468451d1c4&lang=en&ds=AVG&pr=fr&d=2012-10-18 14:33:56&v=13.2.0.1&sap=dsp&q={searchTerms}</p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes\{C2A2DF2E-0DFC-4A92-9995-01E0AC03C069}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716</p><p>IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p> </p><p><span style="color: #E56717">========== FireFox ==========</span></p><p> </p><p>FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"</p><p>FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"</p><p>FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35</p><p>FF - prefs.js..extensions.enabledAddons: avg@toolbar:13.2.0.5</p><p>FF - prefs.js..keyword.URL: "https://isearch.avg.com/search?cid={1DD32051-58E8-4EEB-A7B5-F47D5D4FE0DA}&mid=ce0793b5593c47d6a4e6d156509fa4c0-ff9a8face4ef37f8745aabf7f6f2f7468451d1c4&lang=en&ds=AVG&pr=fr&d=2012-10-18 14:33:56&v=13.2.0.1&sap=ku&q="</p><p>FF - prefs.js..network.proxy.type: 0</p><p>FF - user.js - File not found</p><p> </p><p>FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()</p><p>FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()</p><p>FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)</p><p>FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)</p><p>FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)</p><p>FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)</p><p>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)</p><p> </p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012/11/10 01:58:10 | 000,000,000 | ---D | M]</p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/27 13:33:43 | 000,000,000 | ---D | M]</p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins</p><p> </p><p>[2012/02/29 20:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Extensions</p><p>[2012/11/19 12:57:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ivp0wbj8.default\extensions</p><p>[2012/10/17 23:39:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions</p><p>[2012/09/18 07:21:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}</p><p>[2012/12/29 00:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions</p><p>[2012/12/29 00:02:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}</p><p>[2012/12/29 00:02:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}</p><p>[2012/11/10 01:58:10 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\13.2.0.5</p><p>[2012/09/23 08:35:50 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll</p><p>[2012/11/10 01:57:56 | 000,003,571 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml</p><p>[2012/09/23 08:35:49 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml</p><p>[2012/09/23 08:35:49 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml</p><p> </p><p>O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts</p><p>O1 - Hosts: 127.0.0.1 localhost</p><p>O1 - Hosts: ::1 localhost</p><p>O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)</p><p>O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)</p><p>O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()</p><p>O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)</p><p>O2 - BHO: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)</p><p>O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)</p><p>O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)</p><p>O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()</p><p>O3 - HKLM\..\Toolbar: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)</p><p>O3 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.</p><p>O3 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)</p><p>O3 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\Toolbar\WebBrowser: (WiseConvert Toolbar) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)</p><p>O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)</p><p>O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)</p><p>O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)</p><p>O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)</p><p>O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe ()</p><p>O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()</p><p>O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)</p><p>O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)</p><p>O4 - Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()</p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0</p><p>O7 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1</p><p>O13 - gopher Prefix: missing</p><p>O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)</p><p>O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)</p><p>O15 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)</p><p>O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)</p><p>O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)</p><p>O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)</p><p>O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)</p><p>O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76</p><p>O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2AFB4E5-A1E8-415B-A7B3-A433B3227715}: DhcpNameServer = 75.75.75.75 75.75.76.76</p><p>O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()</p><p>O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)</p><p>O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)</p><p>O24 - Desktop WallPaper: C:\Users\owner\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp</p><p>O24 - Desktop BackupWallPaper: C:\Users\owner\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp</p><p>O32 - HKLM CDRom: AutoRun - 1</p><p>O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]</p><p>O34 - HKLM BootExecute: (autocheck autochk *)</p><p>O35 - HKLM\..comfile [open] -- "%1" %*</p><p>O35 - HKLM\..exefile [open] -- "%1" %*</p><p>O37 - HKLM\...com [@ = comfile] -- "%1" %*</p><p>O37 - HKLM\...exe [@ = exefile] -- "%1" %*</p><p>O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)</p><p>O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)</p><p> </p><p><span style="color: #E56717">========== Files/Folders - Created Within 30 Days ==========</span></p><p> </p><p>[2012/12/28 23:13:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL(2).exe</p><p>[2012/12/27 23:44:20 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\CrashDumps</p><p>[2012/12/27 23:38:38 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit</p><p>[2012/12/27 23:38:33 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\Conduit</p><p>[2012/12/27 23:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\WiseConvert</p><p>[2012/12/25 14:19:46 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll</p><p>[2012/12/25 14:19:46 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll</p><p>[2012/12/11 14:43:27 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb</p><p>[2012/12/11 14:43:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll</p><p>[2012/12/11 14:43:25 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll</p><p>[2012/12/11 14:43:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe</p><p>[2012/12/11 14:43:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll</p><p>[2012/12/11 14:43:24 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll</p><p>[2012/12/11 14:43:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll</p><p>[2012/12/11 14:43:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl</p><p>[2012/12/11 14:41:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll</p><p>[2012/12/11 14:41:17 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll</p><p>[2012/12/11 14:41:17 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys</p><p>[2012/12/11 14:41:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll</p><p>[2012/12/11 14:41:15 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll</p><p>[2012/12/11 14:41:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll</p><p>[2012/12/11 14:37:10 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys</p><p>[2012/12/11 14:37:09 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll</p><p>[2012/12/11 14:37:09 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe</p><p>[2012/12/11 14:36:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll</p><p>[2012/12/10 11:59:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG</p><p>[2012/12/01 08:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus</p><p>[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]</p><p> </p><p><span style="color: #E56717">========== Files - Modified Within 30 Days ==========</span></p><p> </p><p>[2012/12/29 01:46:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job</p><p>[2012/12/29 01:36:59 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job</p><p>[2012/12/29 00:33:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0</p><p>[2012/12/29 00:33:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0</p><p>[2012/12/28 23:15:33 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat</p><p>[2012/12/28 23:15:33 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat</p><p>[2012/12/28 23:13:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL(2).exe</p><p>[2012/12/28 22:34:07 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job</p><p>[2012/12/28 22:33:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat</p><p>[2012/12/28 22:33:45 | 3119,722,496 | -HS- | M] () -- C:\hiberfil.sys</p><p>[2012/12/27 23:49:00 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForowner.job</p><p>[2012/12/26 14:30:43 | 000,034,043 | ---- | M] () -- C:\Users\owner\Documents\Homes - Carmichael - 2012.ods</p><p>[2012/12/26 12:19:30 | 000,306,332 | ---- | M] () -- C:\Users\owner\Documents\Medjugorie Message.odt</p><p>[2012/12/26 00:01:01 | 000,128,416 | ---- | M] () -- C:\Users\owner\Documents\Deck of Cards.odt</p><p>[2012/12/25 22:07:04 | 000,351,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT</p><p>[2012/12/25 08:37:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe</p><p>[2012/12/25 08:37:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl</p><p>[2012/12/16 05:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll</p><p>[2012/12/16 02:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll</p><p>[2012/12/10 11:59:54 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk</p><p>[2012/12/01 08:06:42 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk</p><p>[2012/12/01 08:06:42 | 000,001,871 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk</p><p>[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]</p><p> </p><p><span style="color: #E56717">========== Files Created - No Company Name ==========</span></p><p> </p><p>[2012/12/28 09:16:40 | 3119,722,496 | -HS- | C] () -- C:\hiberfil.sys</p><p>[2012/12/11 14:41:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf</p><p>[2012/12/11 14:41:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf</p><p>[2012/07/15 21:41:17 | 000,001,072 | ---- | C] () -- C:\Users\owner\AppData\Roaming\wklnhst.dat</p><p>[2012/06/21 00:18:33 | 000,033,758 | ---- | C] () -- C:\Users\owner\AppData\Local\dt.dat</p><p>[2011/07/01 05:48:46 | 000,060,304 | ---- | C] () -- C:\Users\owner\g2mdlhlpx.exe</p><p>[2011/05/13 07:52:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll</p><p>[2011/05/13 07:52:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin</p><p>[2011/04/16 15:51:27 | 000,139,791 | ---- | C] () -- C:\Windows\hpoins15.dat</p><p>[2010/05/15 09:30:04 | 000,004,608 | ---- | C] () -- C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini</p><p>[2009/04/23 01:01:27 | 000,000,284 | ---- | C] () -- C:\ProgramData\hpqp.ini</p><p> </p><p><span style="color: #E56717">========== ZeroAccess Check ==========</span></p><p> </p><p>[2006/11/02 04:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini</p><p> </p><p>[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]</p><p> </p><p>[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]</p><p> </p><p>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]</p><p>"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 09:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)</p><p>"ThreadingModel" = Apartment</p><p> </p><p>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]</p><p>"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)</p><p>"ThreadingModel" = Free</p><p> </p><p>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]</p><p>"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)</p><p>"ThreadingModel" = Both</p><p></p><p>< End of report ></p><p></p><p>Here is the OTL Extra file:</p><p></p><p>OTL Extras logfile created on: 12/29/2012 1:42:52 AM - Run 1</p><p>OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Downloads</p><p>Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation</p><p>Internet Explorer (Version = 9.0.8112.16421)</p><p>Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy</p><p> </p><p>2.90 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 45.05% Memory free</p><p>6.85 Gb Paging File | 5.21 Gb Available in Paging File | 76.03% Paging File free</p><p>Paging file location(s): c:\pagefile.sys 4096 4096 [binary data]</p><p> </p><p>%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files</p><p>Drive C: | 138.70 Gb Total Space | 83.84 Gb Free Space | 60.44% Space Free | Partition Type: NTFS</p><p>Drive D: | 10.34 Gb Total Space | 1.78 Gb Free Space | 17.17% Space Free | Partition Type: NTFS</p><p> </p><p>Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.</p><p>Boot Mode: Normal | Scan Mode: All users</p><p>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days</p><p> </p><p><span style="color: #E56717">========== Extra Registry (SafeList) ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== File Associations ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]</p><p>.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)</p><p>.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)</p><p> </p><p>[HKEY_USERS\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Classes\<extension>]</p><p>.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)</p><p> </p><p><span style="color: #E56717">========== Shell Spawning ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]</p><p>batfile [open] -- "%1" %*</p><p>cmdfile [open] -- "%1" %*</p><p>comfile [open] -- "%1" %*</p><p>cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)</p><p>exefile [open] -- "%1" %*</p><p>helpfile [open] -- Reg Error: Key error.</p><p>hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)</p><p>inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)</p><p>piffile [open] -- "%1" %*</p><p>regfile [merge] -- Reg Error: Key error.</p><p>scrfile [config] -- "%1"</p><p>scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l</p><p>scrfile [open] -- "%1" /S</p><p>txtfile [edit] -- Reg Error: Key error.</p><p>Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1</p><p>Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)</p><p>Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)</p><p>Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)</p><p>Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)</p><p>Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)</p><p> </p><p><span style="color: #E56717">========== Security Center Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]</p><p>"cval" = 1</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]</p><p>"AntiVirusOverride" = 0</p><p>"AntiSpywareOverride" = 0</p><p>"FirewallOverride" = 0</p><p>"VistaSp1" = Reg Error: Unknown registry data type -- File not found</p><p>"VistaSp2" = Reg Error: Unknown registry data type -- File not found</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4156696597-1341229448-2497781583-1000]</p><p>"EnableNotifications" = 0</p><p>"EnableNotificationsRef" = 1</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]</p><p> </p><p><span style="color: #E56717">========== Firewall Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]</p><p>"EnableFirewall" = 1</p><p>"DisableNotifications" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]</p><p>"EnableFirewall" = 1</p><p>"DisableNotifications" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]</p><p>"EnableFirewall" = 1</p><p>"DisableNotifications" = 0</p><p> </p><p><span style="color: #E56717">========== Authorized Applications List ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== Vista Active Open Ports Exception List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]</p><p>"{00CB93EF-0717-4C20-AAE7-DCCD3D9AD48B}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe | </p><p>"{1A9BA254-91CA-4E3F-AED8-3C88D4C1877D}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe | </p><p> </p><p><span style="color: #E56717">========== Vista Active Application Exception List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]</p><p>"{00F1A93B-502C-449E-AA33-4161A25D37DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | </p><p>"{075D420D-A659-4966-A214-7B9D6793D810}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | </p><p>"{15612316-5D26-4960-AEFB-6D6BB1FBADAE}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | </p><p>"{2FFD9B92-AD55-40F5-B9FF-7637C2EAF603}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | </p><p>"{35D96FB4-3233-490C-A3AF-3FAFD97B2F63}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | </p><p>"{3AA85B49-F91A-4308-9E3F-7A816C34CFB4}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | </p><p>"{4ED40416-09F8-4F1C-8BB4-2F9DBA1787E5}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | </p><p>"{4F17C458-0B27-4C1E-9425-81C15FB932F9}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | </p><p>"{56D49D58-36C8-4AAB-84BA-112ADBB14EF4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | </p><p>"{67942ACE-3121-4911-897D-D6DEE6BCC36E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | </p><p>"{7023FFA7-035D-44F0-831C-364E6404FA3D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | </p><p>"{A6F823F0-2B58-4A4D-9AAD-CA63DCD2F495}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | </p><p>"{B41EA4AD-7BEB-49BB-B34D-7F97355875C8}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | </p><p>"{CA591556-87B5-40C2-8CCB-3B73F63BCED6}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | </p><p>"{D53B8B7E-D3B8-4479-B152-393894654F29}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | </p><p>"{DCC24E8D-3905-464F-95CA-8DE3303962D5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | </p><p>"{E4756FD8-1EA7-4A0D-AAEF-334DBEBC3DAE}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | </p><p>"{F3B215A1-F050-4DEE-932D-30EA7D61BEBD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | </p><p>"TCP Query User{B9500B90-7B5E-40B7-A325-1CA43135CBFA}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | </p><p>"UDP Query User{148D1F22-A3EE-4354-A4AF-D9961786BE44}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | </p><p> </p><p><span style="color: #E56717">========== HKEY_LOCAL_MACHINE Uninstall List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]</p><p>"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc</p><p>"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR</p><p>"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support</p><p>"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport</p><p>"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer</p><p>"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox</p><p>"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp</p><p>"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers</p><p>"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch</p><p>"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor</p><p>"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works</p><p>"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy</p><p>"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService</p><p>"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148</p><p>"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite</p><p>"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant</p><p>"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library</p><p>"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer</p><p>"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35</p><p>"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in</p><p>"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7</p><p>"{3256C48C-78D0-4FC6-A0F5-81ADF3A9D7D4}" = AVG 2013</p><p>"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2</p><p>"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup</p><p>"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset</p><p>"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista</p><p>"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile</p><p>"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3</p><p>"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting</p><p>"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go</p><p>"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module</p><p>"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7</p><p>"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply</p><p>"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater</p><p>"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter</p><p>"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext</p><p>"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper</p><p>"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements</p><p>"{5D412B61-F3A7-42C6-9C07-29BBD3D442B1}" = AVG 2013</p><p>"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update</p><p>"{63505193-EE81-450B-9F74-B1F25FAE64B7}" = Rand McNally SGDE Engine V6.40</p><p>"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2</p><p>"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites</p><p>"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module</p><p>"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library</p><p>"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder</p><p>"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm</p><p>"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder</p><p>"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable</p><p>"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053</p><p>"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com</p><p>"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update</p><p>"{7A98467A-CB99-4DCA-ACF6-A826F902D849}" = Rand McNally Street Guide Sacramento & Solano Counties</p><p>"{7C118AFD-6E0F-45DD-BD5A-3D96BBD1DFAA}" = Rand McNally Street Guide Sacramento & Solano Counties</p><p>"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01</p><p>"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module</p><p>"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01</p><p>"{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup</p><p>"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder</p><p>"{87FF0E39-8490-4EB4-A557-FF12F712EF7E}" = TurboTax 2010 wcaiper</p><p>"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver</p><p>"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight</p><p>"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport</p><p>"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007</p><p>"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)</p><p>"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007</p><p>"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)</p><p>"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007</p><p>"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)</p><p>"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007</p><p>"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)</p><p>"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007</p><p>"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)</p><p>"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007</p><p>"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)</p><p>"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system</p><p>"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007</p><p>"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007</p><p>"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)</p><p>"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007</p><p>"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)</p><p>"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007</p><p>"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)</p><p>"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In</p><p>"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007</p><p>"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)</p><p>"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery</p><p>"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)</p><p>"{96384578-C6A2-4EC6-92CD-B62A60713040}" = Microsoft Live Search Toolbar</p><p>"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant</p><p>"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161</p><p>"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software</p><p>"{A036E231-5A03-4d63-94F6-7864CC77EC48}" = PS_AIO_ProductContext</p><p>"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status</p><p>"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan</p><p>"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine</p><p>"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper</p><p>"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)</p><p>"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player</p><p>"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3</p><p>"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime</p><p>"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan</p><p>"{B040FEFE-B45F-4e30-B3C6-035F53F544A9}" = c4200_Help</p><p>"{B22C19AE-6A67-4f28-B541-5AE72FB17A25}" = HP Photosmart All-In-One Software 9.0</p><p>"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min</p><p>"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118</p><p>"{B9F3A6E6-9C77-4535-9ED9-B16C1EBDFEC2}" = C4200</p><p>"{BE50CAF7-C98E-4242-B476-C1BCEFC6E22E}" = Rand McNally SGDE Search Databases</p><p>"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program</p><p>"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant</p><p>"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint</p><p>"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector</p><p>"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg</p><p>"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1</p><p>"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library</p><p>"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component</p><p>"{D719E8F1-6931-40b4-AC0B-5FE2C097F995}" = C4200_doccd</p><p>"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal</p><p>"{E39A3770-3DDE-404c-B91F-3522947874A3}" = PS_AIO_Software_min</p><p>"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219</p><p>"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support</p><p>"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE</p><p>"{FA4FA322-5C90-4d2b-A019-9E588273DED5}" = PS_AIO_Software</p><p>"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites</p><p>"Adobe AIR" = Adobe AIR</p><p>"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX</p><p>"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin</p><p>"AVG" = AVG 2013</p><p>"AVG Secure Search" = AVG Security Toolbar</p><p>"Canon MP280 series User Registration" = Canon MP280 series User Registration</p><p>"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program</p><p>"CanonMyPrinter" = Canon My Printer</p><p>"CanonSolutionMenuEX" = Canon Solution Menu EX</p><p>"CCleaner" = CCleaner</p><p>"CNXT_AUDIO_HDA" = Conexant HD Audio</p><p>"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP</p><p>"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com</p><p>"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX</p><p>"Easy-WebPrint EX" = Canon Easy-WebPrint EX</p><p>"HDMI" = Intel(R) Graphics Media Accelerator Driver</p><p>"HOMESTUDENTR" = Microsoft Office Home and Student 2007</p><p>"HP Imaging Device Functions" = HP Imaging Device Functions 9.0</p><p>"HP Photosmart Essential" = HP Photosmart Essential 2.01</p><p>"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0</p><p>"HPExtendedCapabilities" = HP Customer Participation Program 9.0</p><p>"HPOCR" = HP OCR Software 9.0</p><p>"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite</p><p>"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go</p><p>"InstallShield_{7A98467A-CB99-4DCA-ACF6-A826F902D849}" = Rand McNally Street Guide Sacramento & Solano Counties</p><p>"InstallShield_{7C118AFD-6E0F-45DD-BD5A-3D96BBD1DFAA}" = Rand McNally Street Guide Sacramento & Solano Counties</p><p>"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint</p><p>"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector</p><p>"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300</p><p>"McAfee Security Scan" = McAfee Security Scan Plus</p><p>"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1</p><p>"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile</p><p>"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)</p><p>"MozillaMaintenanceService" = Mozilla Maintenance Service</p><p>"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0</p><p>"SynTPDeinstKey" = Synaptics Pointing Device Driver</p><p>"TurboTax 2010" = TurboTax 2010</p><p>"WiseConvert Toolbar" = WiseConvert Toolbar</p><p> </p><p><span style="color: #E56717">========== HKEY_USERS Uninstall List ==========</span></p><p> </p><p>[HKEY_USERS\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]</p><p>"GoToMeeting" = GoToMeeting 5.1.0.880</p><p> </p><p><span style="color: #E56717">========== Last 20 Event Log Errors ==========</span></p><p> </p><p>[ Application Events ]</p><p>Error - 12/18/2012 5:43:21 PM | Computer Name = owner-PC | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>Error - 12/18/2012 5:47:32 PM | Computer Name = owner-PC | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>Error - 12/18/2012 5:55:10 PM | Computer Name = owner-PC | Source = Application Error | ID = 1000</p><p>Description = Faulting application avgidsagent.exe, version 13.0.0.2792, time stamp</p><p> 0x50993b63, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e,</p><p> exception code 0xc0000005, fault offset 0x0001025a, process id 0x1b0, application</p><p> start time 0x01cddd693f91ad65.</p><p> </p><p>Error - 12/19/2012 3:04:30 PM | Computer Name = owner-PC | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>Error - 12/25/2012 12:21:57 PM | Computer Name = owner-PC | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>Error - 12/26/2012 2:07:40 AM | Computer Name = owner-PC | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>Error - 12/28/2012 3:44:13 AM | Computer Name = owner-PC | Source = Application Error | ID = 1000</p><p>Description = Faulting application iexplore.exe, version 9.0.8112.16457, time stamp</p><p> 0x50a2f9e3, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5,</p><p> exception code 0xc0000005, fault offset 0x00066e5f, process id 0xebc, application</p><p> start time 0x01cde32f61174f10.</p><p> </p><p>Error - 12/28/2012 3:49:48 AM | Computer Name = owner-PC | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>Error - 12/28/2012 3:52:19 AM | Computer Name = owner-PC | Source = EventSystem | ID = 4609</p><p>Description = </p><p> </p><p>Error - 12/28/2012 3:52:26 AM | Computer Name = owner-PC | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>Error - 12/28/2012 5:14:51 AM | Computer Name = owner-PC | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>[ System Events ]</p><p>Error - 12/28/2012 1:18:20 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006</p><p>Description = </p><p> </p><p>Error - 12/28/2012 1:42:04 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7000</p><p>Description = </p><p> </p><p>Error - 12/28/2012 1:42:04 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006</p><p>Description = </p><p> </p><p>Error - 12/28/2012 1:42:04 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006</p><p>Description = </p><p> </p><p>Error - 12/28/2012 4:43:49 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006</p><p>Description = </p><p> </p><p>Error - 12/28/2012 9:47:57 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7000</p><p>Description = </p><p> </p><p>Error - 12/28/2012 9:47:57 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006</p><p>Description = </p><p> </p><p>Error - 12/28/2012 9:56:46 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006</p><p>Description = </p><p> </p><p>Error - 12/29/2012 2:34:22 AM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7000</p><p>Description = </p><p> </p><p>Error - 12/29/2012 2:34:22 AM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006</p><p>Description = </p><p> </p><p> </p><p>< End of report ></p><p></p><p>It doesn't affect my Firefox...</p><p>You did a great job on my Win 7 Defender virus...!!</p></blockquote><p></p>
[QUOTE="ArizEagle, post: 92342, member: 4153"] Here are the results of the OTL Scan: OTL logfile created on: 12/29/2012 1:42:52 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Downloads Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.90 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 45.05% Memory free 6.85 Gb Paging File | 5.21 Gb Available in Paging File | 76.03% Paging File free Paging file location(s): c:\pagefile.sys 4096 4096 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 138.70 Gb Total Space | 83.84 Gb Free Space | 60.44% Space Free | Partition Type: NTFS Drive D: | 10.34 Gb Total Space | 1.78 Gb Free Space | 17.17% Space Free | Partition Type: NTFS Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - File not found PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (Adobe Systems, Inc.) PRC - C:\Program Files\AVG Secure Search\vprot.exe () PRC - C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe () PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.) PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe () PRC - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\SMINST\BLService.exe () [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_135.dll () MOD - C:\Program Files\AVG Secure Search\vprot.exe () MOD - C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll () MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll () MOD - C:\Program Files\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Program Files\OpenOffice.org 3\program\libxslt.dll () [color=#E56717]========== Services (SafeList) ==========[/color] SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (vToolbarUpdater13.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe () SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe (McAfee, Inc.) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.) SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe () SRV - (Recovery Service for Windows) -- C:\Program Files\SMINST\BLService.exe () SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. ) DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies) DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. ) DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. ) DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.) DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb IE - HKLM\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {7DC7C2A9-63BE-4EDF-99EF-028F49D65B85} IE - HKLM\..\SearchScopes\{7DC7C2A9-63BE-4EDF-99EF-028F49D65B85}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF IE - HKLM\..\SearchScopes\{86336D6B-C1D5-4EC7-B038-A0D3290449FD}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscql IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes\{1B51FEB4-E04C-4DD1-AFC1-4F0ABD02ED51}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes\{7DC7C2A9-63BE-4EDF-99EF-028F49D65B85}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={1DD32051-58E8-4EEB-A7B5-F47D5D4FE0DA}&mid=ce0793b5593c47d6a4e6d156509fa4c0-ff9a8face4ef37f8745aabf7f6f2f7468451d1c4&lang=en&ds=AVG&pr=fr&d=2012-10-18 14:33:56&v=13.2.0.1&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\SearchScopes\{C2A2DF2E-0DFC-4A92-9995-01E0AC03C069}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716 IE - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35 FF - prefs.js..extensions.enabledAddons: avg@toolbar:13.2.0.5 FF - prefs.js..keyword.URL: "https://isearch.avg.com/search?cid={1DD32051-58E8-4EEB-A7B5-F47D5D4FE0DA}&mid=ce0793b5593c47d6a4e6d156509fa4c0-ff9a8face4ef37f8745aabf7f6f2f7468451d1c4&lang=en&ds=AVG&pr=fr&d=2012-10-18 14:33:56&v=13.2.0.1&sap=ku&q=" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012/11/10 01:58:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/27 13:33:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/29 20:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Extensions [2012/11/19 12:57:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\ivp0wbj8.default\extensions [2012/10/17 23:39:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/09/18 07:21:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012/12/29 00:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions [2012/12/29 00:02:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012/12/29 00:02:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012/11/10 01:58:10 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\13.2.0.5 [2012/09/23 08:35:50 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/11/10 01:57:56 | 000,003,571 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012/09/23 08:35:49 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/09/23 08:35:49 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found. O3 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..\Toolbar\WebBrowser: (WiseConvert Toolbar) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe () O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O13 - gopher Prefix: missing O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet) O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet) O15 - HKU\S-1-5-21-4156696597-1341229448-2497781583-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2AFB4E5-A1E8-415B-A7B3-A433B3227715}: DhcpNameServer = 75.75.75.75 75.75.76.76 O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\owner\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Users\owner\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/12/28 23:13:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL(2).exe [2012/12/27 23:44:20 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\CrashDumps [2012/12/27 23:38:38 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2012/12/27 23:38:33 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\Conduit [2012/12/27 23:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\WiseConvert [2012/12/25 14:19:46 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012/12/25 14:19:46 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012/12/11 14:43:27 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012/12/11 14:43:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012/12/11 14:43:25 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012/12/11 14:43:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012/12/11 14:43:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012/12/11 14:43:24 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012/12/11 14:43:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012/12/11 14:43:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012/12/11 14:41:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll [2012/12/11 14:41:17 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2012/12/11 14:41:17 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2012/12/11 14:41:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll [2012/12/11 14:41:15 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2012/12/11 14:41:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2012/12/11 14:37:10 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012/12/11 14:37:09 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll [2012/12/11 14:37:09 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe [2012/12/11 14:36:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2012/12/10 11:59:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2012/12/01 08:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/12/29 01:46:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/12/29 01:36:59 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/12/29 00:33:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/12/29 00:33:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/12/28 23:15:33 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/12/28 23:15:33 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/12/28 23:13:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL(2).exe [2012/12/28 22:34:07 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/12/28 22:33:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/12/28 22:33:45 | 3119,722,496 | -HS- | M] () -- C:\hiberfil.sys [2012/12/27 23:49:00 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForowner.job [2012/12/26 14:30:43 | 000,034,043 | ---- | M] () -- C:\Users\owner\Documents\Homes - Carmichael - 2012.ods [2012/12/26 12:19:30 | 000,306,332 | ---- | M] () -- C:\Users\owner\Documents\Medjugorie Message.odt [2012/12/26 00:01:01 | 000,128,416 | ---- | M] () -- C:\Users\owner\Documents\Deck of Cards.odt [2012/12/25 22:07:04 | 000,351,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/12/25 08:37:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012/12/25 08:37:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012/12/16 05:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012/12/16 02:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012/12/10 11:59:54 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2012/12/01 08:06:42 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012/12/01 08:06:42 | 000,001,871 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/12/28 09:16:40 | 3119,722,496 | -HS- | C] () -- C:\hiberfil.sys [2012/12/11 14:41:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012/12/11 14:41:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012/07/15 21:41:17 | 000,001,072 | ---- | C] () -- C:\Users\owner\AppData\Roaming\wklnhst.dat [2012/06/21 00:18:33 | 000,033,758 | ---- | C] () -- C:\Users\owner\AppData\Local\dt.dat [2011/07/01 05:48:46 | 000,060,304 | ---- | C] () -- C:\Users\owner\g2mdlhlpx.exe [2011/05/13 07:52:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011/05/13 07:52:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011/04/16 15:51:27 | 000,139,791 | ---- | C] () -- C:\Windows\hpoins15.dat [2010/05/15 09:30:04 | 000,004,608 | ---- | C] () -- C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/04/23 01:01:27 | 000,000,284 | ---- | C] () -- C:\ProgramData\hpqp.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2006/11/02 04:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 09:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Here is the OTL Extra file: OTL Extras logfile created on: 12/29/2012 1:42:52 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Downloads Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.90 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 45.05% Memory free 6.85 Gb Paging File | 5.21 Gb Available in Paging File | 76.03% Paging File free Paging file location(s): c:\pagefile.sys 4096 4096 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 138.70 Gb Total Space | 83.84 Gb Free Space | 60.44% Space Free | Partition Type: NTFS Drive D: | 10.34 Gb Total Space | 1.78 Gb Free Space | 17.17% Space Free | Partition Type: NTFS Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4156696597-1341229448-2497781583-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00CB93EF-0717-4C20-AAE7-DCCD3D9AD48B}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe | "{1A9BA254-91CA-4E3F-AED8-3C88D4C1877D}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00F1A93B-502C-449E-AA33-4161A25D37DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{075D420D-A659-4966-A214-7B9D6793D810}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{15612316-5D26-4960-AEFB-6D6BB1FBADAE}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{2FFD9B92-AD55-40F5-B9FF-7637C2EAF603}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{35D96FB4-3233-490C-A3AF-3FAFD97B2F63}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | "{3AA85B49-F91A-4308-9E3F-7A816C34CFB4}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{4ED40416-09F8-4F1C-8BB4-2F9DBA1787E5}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{4F17C458-0B27-4C1E-9425-81C15FB932F9}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{56D49D58-36C8-4AAB-84BA-112ADBB14EF4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{67942ACE-3121-4911-897D-D6DEE6BCC36E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{7023FFA7-035D-44F0-831C-364E6404FA3D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{A6F823F0-2B58-4A4D-9AAD-CA63DCD2F495}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{B41EA4AD-7BEB-49BB-B34D-7F97355875C8}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{CA591556-87B5-40C2-8CCB-3B73F63BCED6}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{D53B8B7E-D3B8-4479-B152-393894654F29}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{DCC24E8D-3905-464F-95CA-8DE3303962D5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | "{E4756FD8-1EA7-4A0D-AAEF-334DBEBC3DAE}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{F3B215A1-F050-4DEE-932D-30EA7D61BEBD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "TCP Query User{B9500B90-7B5E-40B7-A325-1CA43135CBFA}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{148D1F22-A3EE-4354-A4AF-D9961786BE44}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support "{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer "{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{3256C48C-78D0-4FC6-A0F5-81ADF3A9D7D4}" = AVG 2013 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2 "{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup "{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3 "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7 "{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext "{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper "{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements "{5D412B61-F3A7-42C6-9C07-29BBD3D442B1}" = AVG 2013 "{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update "{63505193-EE81-450B-9F74-B1F25FAE64B7}" = Rand McNally SGDE Engine V6.40 "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7A98467A-CB99-4DCA-ACF6-A826F902D849}" = Rand McNally Street Guide Sacramento & Solano Counties "{7C118AFD-6E0F-45DD-BD5A-3D96BBD1DFAA}" = Rand McNally Street Guide Sacramento & Solano Counties "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01 "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01 "{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{87FF0E39-8490-4EB4-A557-FF12F712EF7E}" = TurboTax 2010 wcaiper "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{96384578-C6A2-4EC6-92CD-B62A60713040}" = Microsoft Live Search Toolbar "{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software "{A036E231-5A03-4d63-94F6-7864CC77EC48}" = PS_AIO_ProductContext "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan "{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player "{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3 "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B040FEFE-B45F-4e30-B3C6-035F53F544A9}" = c4200_Help "{B22C19AE-6A67-4f28-B541-5AE72FB17A25}" = HP Photosmart All-In-One Software 9.0 "{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min "{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118 "{B9F3A6E6-9C77-4535-9ED9-B16C1EBDFEC2}" = C4200 "{BE50CAF7-C98E-4242-B476-C1BCEFC6E22E}" = Rand McNally SGDE Search Databases "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D719E8F1-6931-40b4-AC0B-5FE2C097F995}" = C4200_doccd "{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal "{E39A3770-3DDE-404c-B91F-3522947874A3}" = PS_AIO_Software_min "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE "{FA4FA322-5C90-4d2b-A019-9E588273DED5}" = PS_AIO_Software "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AVG" = AVG 2013 "AVG Secure Search" = AVG Security Toolbar "Canon MP280 series User Registration" = Canon MP280 series User Registration "CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program "CanonMyPrinter" = Canon My Printer "CanonSolutionMenuEX" = Canon Solution Menu EX "CCleaner" = CCleaner "CNXT_AUDIO_HDA" = Conexant HD Audio "CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "HDMI" = Intel(R) Graphics Media Accelerator Driver "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 9.0 "HP Photosmart Essential" = HP Photosmart Essential 2.01 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 9.0 "HPOCR" = HP OCR Software 9.0 "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{7A98467A-CB99-4DCA-ACF6-A826F902D849}" = Rand McNally Street Guide Sacramento & Solano Counties "InstallShield_{7C118AFD-6E0F-45DD-BD5A-3D96BBD1DFAA}" = Rand McNally Street Guide Sacramento & Solano Counties "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 4.0" = Canon MP Navigator EX 4.0 "SynTPDeinstKey" = Synaptics Pointing Device Driver "TurboTax 2010" = TurboTax 2010 "WiseConvert Toolbar" = WiseConvert Toolbar [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-4156696597-1341229448-2497781583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GoToMeeting" = GoToMeeting 5.1.0.880 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 12/18/2012 5:43:21 PM | Computer Name = owner-PC | Source = WinMgmt | ID = 10 Description = Error - 12/18/2012 5:47:32 PM | Computer Name = owner-PC | Source = WinMgmt | ID = 10 Description = Error - 12/18/2012 5:55:10 PM | Computer Name = owner-PC | Source = Application Error | ID = 1000 Description = Faulting application avgidsagent.exe, version 13.0.0.2792, time stamp 0x50993b63, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0xc0000005, fault offset 0x0001025a, process id 0x1b0, application start time 0x01cddd693f91ad65. Error - 12/19/2012 3:04:30 PM | Computer Name = owner-PC | Source = WinMgmt | ID = 10 Description = Error - 12/25/2012 12:21:57 PM | Computer Name = owner-PC | Source = WinMgmt | ID = 10 Description = Error - 12/26/2012 2:07:40 AM | Computer Name = owner-PC | Source = WinMgmt | ID = 10 Description = Error - 12/28/2012 3:44:13 AM | Computer Name = owner-PC | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x00066e5f, process id 0xebc, application start time 0x01cde32f61174f10. Error - 12/28/2012 3:49:48 AM | Computer Name = owner-PC | Source = WinMgmt | ID = 10 Description = Error - 12/28/2012 3:52:19 AM | Computer Name = owner-PC | Source = EventSystem | ID = 4609 Description = Error - 12/28/2012 3:52:26 AM | Computer Name = owner-PC | Source = WinMgmt | ID = 10 Description = Error - 12/28/2012 5:14:51 AM | Computer Name = owner-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 12/28/2012 1:18:20 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006 Description = Error - 12/28/2012 1:42:04 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7000 Description = Error - 12/28/2012 1:42:04 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006 Description = Error - 12/28/2012 1:42:04 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006 Description = Error - 12/28/2012 4:43:49 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006 Description = Error - 12/28/2012 9:47:57 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7000 Description = Error - 12/28/2012 9:47:57 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006 Description = Error - 12/28/2012 9:56:46 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006 Description = Error - 12/29/2012 2:34:22 AM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7000 Description = Error - 12/29/2012 2:34:22 AM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7006 Description = < End of report > It doesn't affect my Firefox... You did a great job on my Win 7 Defender virus...!! [/QUOTE]
Insert quotes…
Verification
Post reply
Top