Using your Uninstall guide to no avail. Stuck on Step 2!


okstout4

New Member
Thread author
Verified
Mar 29, 2015
15
Hello, I found the solution to my issue on your site. At this link: http://malwaretips.com/blogs/pc-speed-up-virus/#adwcleaner I have gotten to Step 2, but cannot complete the step. First, when I clicked on the link for AdwCleaner (on the infected computer AND this computer) it gave me an error message which I don't remember. So I just keyed in AdwCleaner and found it on Bleepingcomputer.com and CNET. I chose CNET because I've downloaded from them before. I downloaded the program and installed it, but cannot find it on this computer or the infected one. When I downloaded it to the infected one, however, it said that I already have it installed and needed to install an update and it took me here https://toolslib.net/downloads/viewdownload/1-adwcleaner/. From doing some research, this is NOT the correct download link, it's a FAKE. The screenshot doesn't look like the screenshot you provided and I found a site that said if the screenshot looks like this, it's Fake. So now I am stuck. Now, if I click on the link from your site from either of my computers, it takes me to this back link. I really want to do this myself because it would be a lot faster. Please help resolve this download issue. Thanks!
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,



They call me TwinHeadedEagle around here, and I'll be working with you.



Before we start please read and note the following:
  • At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
  • Instructions I give to you are very simple and made for a complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
  • If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running for too long (a few hours), please stop and inform me.
  • I visit the forum several times a day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have a private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.
  • Please attach all reports using the button below. Doing this, you make it easier for me to analyze and fix your problem.

  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay for the repair.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.




Rules and policies

We won't support any piracy.
That being said, if any evidence of an illegal OS, software, cracks/keygens or anything similar is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.



Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
 

okstout4

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Custom User (administrator) on EXPRESS-1 on 29-03-2015 17:19:40
Running from C:\Documents and Settings\Custom User\My Documents\Downloads
Loaded Profiles: Custom User (Available profiles: Custom User & Administrator & Guest)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
 

okstout4

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Custom User at 2015-03-29 17:22:27
Running from C:\Documents and Settings\Custom User\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1990.41618 - ABBYY Software House)
ACID Music Studio 8.0 (HKLM\...\{E97C937C-AE21-453D-86A0-A231507543D1}) (Version: 8.0.178 - Sony)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (Version: 6.0.2.0 - Your Company Name) Hidden
aioscnnr (Version: 7.6.13.10 - Your Company Name) Hidden
Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon MP3 Uploader (HKLM\...\com.amazon.music.uploader) (Version: 1.0.1 - Amazon Services LLC)
Amazon MP3 Uploader (Version: 1.0.1 - Amazon Services LLC) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Print Creations - Album Page (HKLM\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version: - ArcSoft)
ArcSoft Print Creations - Funhouse (HKLM\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version: - ArcSoft)
ArcSoft Print Creations - Greeting Card (HKLM\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version: - ArcSoft)
ArcSoft Print Creations - Scrapbook (HKLM\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version: - ArcSoft)
ArcSoft Print Creations - Slimline Card (HKLM\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version: - ArcSoft)
ArcSoft Print Creations (HKLM\...\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}) (Version: 2.8.255.384 - ArcSoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.32 - Atheros Communications Inc.)
AVG 2011 (HKLM\...\AVG) (Version: 10.0.1434 - AVG Technologies)
AVG 2011 (Version: 10.0.1434 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.4311 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Catalina Savings Printer (HKLM\...\{4956ACE3-F537-4418-BB45-FD52395275A7}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
CCScore (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
center (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Citrix online plug-in - web (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 11.2.0.31560 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Computer Requirements 1.0 (HKLM\...\{BA3582A0-2DE0-4DB8-8B74-CD34AC193F9B}_is1) (Version: - Furst Person)
Cricut (TM) Driver v2.01 (HKLM\...\Cricut (TM) Driver v2.01) (Version: 2.01 - Provo Craft & Novelty, Inc.)
Cricut Craft Room® (HKLM\...\com.cricut.Cricut-CraftRoom) (Version: v1.0 build-179 - Provo Craft & Novelty, Inc.)
Cricut Craft Room® (Version: 1.0.179 - Provo Craft & Novelty, Inc.) Hidden
Data Access Objects (DAO) 3.5 (HKLM\...\Data Access Objects (DAO) 3.5) (Version: - )
Download Updater (AOL LLC) (HKLM\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION
Driver Genius Professional Edition (HKLM\...\Driver Genius Professional Edition_is1) (Version: - Driver-Soft Inc.)
Dropbox (HKU\S-1-5-21-1547161642-1343024091-839522115-1007\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
Elements 10 Organizer (Version: 10.0 - Adobe Systems Incorporated) Hidden
Elevated Installer (Version: 2.1.11 - Garmin Ltd or its subsidiaries) Hidden
emaze PowerPoint Add-In (HKU\S-1-5-21-1547161642-1343024091-839522115-1007\...\emaze PowerPoint Add-In) (Version: 1.1 - emaze.com)
ESSBrwr (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
essentials (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
ESSgui (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSTOOLS (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
Everio MediaBrowser 3 (HKLM\...\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}) (Version: 3.00.130 - PIXELA)
Facebook Plug-In (HKU\S-1-5-21-1547161642-1343024091-839522115-1007\...\Facebook Plug-In) (Version: - Facebook, Inc.)
Flash Player Pro V5.4 (HKLM\...\Flash Player Pro_is1) (Version: - FlashPlayerPro.com)
Garmin Communicator Plugin (HKLM\...\{13F054F3-0B07-4D15-9E80-C55B496AB557}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{22cb5aae-d413-47c3-9710-95a7d3c3027d}) (Version: 2.1.11 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.1.11 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.1.11 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (Version: 2.1.11 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 4.8.0.723 (HKU\S-1-5-21-1547161642-1343024091-839522115-1007\...\GoToMeeting) (Version: 4.8.0.723 - CitrixOnline)
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
Highlightly (HKLM\...\Highlightly) (Version: 1.9.0.2 - Highlightly) <==== ATTENTION
iTunes (HKLM\...\{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)
Kodak EasyShare software (HKLM\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version: - Eastman Kodak Company)
LOTR The Return of the King tm (HKLM\...\{6E298B0A-558C-4138-0096-740677B382CD}) (Version: - )
Malwarebytes' Anti-Malware version 1.51.1.1800 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.51.1.1800 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM\...\{AC388C78-2619-452C-BFBE-FABCC3194387}) (Version: 8.0.6362.149 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Publisher 2010 (HKLM\...\Office14.PUBLISHERR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version: - )
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
Neat (HKLM\...\Neat) (Version: 5.1.29.304 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{A4A42670-82B9-4A58-8955-20271DBBF29F}) (Version: 2.0.0.61 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{58155B30-6BE9-4268-A059-149629149C63}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (Version: 5.1.29.304 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{6EDB3FC5-8B7C-422A-B4FB-1D919F44F2C0}) (Version: 2.0.0.63 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{57F5920A-9897-4830-BD4A-BE85DA9734FF}) (Version: 2.0.0.69 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{11A53AF3-CAA5-4C29-887E-CCA7CEE2689B}) (Version: 2.0.1.2 - The Neat Company)
Nectarphone 1.5.20 (HKLM\...\Nectarphone 1.5_is1) (Version: - Nectar Services Corp)
Nero 7 Essentials (HKLM\...\{45B3A3BD-F90D-48FE-A147-D74878A51033}) (Version: 7.03.0920 - Nero AG)
netbrdg (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9621 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{8AAB4176-A747-493A-A42C-B63CFADFD8E3}) (Version: 9.09.0010 - NVIDIA Corporation)
ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
office Convert Pdf to Jpg Jpeg Tiff Free 6.4 (HKLM\...\office Convert Pdf to Jpg Jpeg Tiff Free_is1) (Version: - Officeconvert Software, Inc.)
OfotoXMI (Version: 8.02.1000.0001 - EASTMAN KODAK Company) Hidden
OpenOffice.org 3.1 (HKLM\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9420 - OpenOffice.org)
PANTECH Handset USB Driver V2 (HKLM\...\{5B5FE75F-A999-45e7-AE6B-5B85E1DD0577}) (Version: 1.1.4583.1215 - PANTECH CO,.LTD)
Pantech PCSuite (HKLM\...\{9B3F33D3-E2BC-4BAE-93AB-41700072F680}) (Version: 1.0 - Pantech)
Pantech PCSuite (Version: 1.0 - Pantech) Hidden
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
Platform (Version: 1.39 - VIA Technologies, Inc.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation)
PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
PSE10 STI Installer (Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RapidPlayer v5.0 ActiveX Control (HKLM\...\{31C2F32D-C5DD-4583-8181-B48591CA231C}) (Version: - )
Reader Rabbit(R) Reading Ages 6-9 (HKLM\...\Reader Rabbit(R) Reading Ages 6-9) (Version: - )
RealDownloader (Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6167 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rhapsody (HKLM\...\Rhapsody) (Version: - )
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.2.5 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Send To Neat (HKLM\...\{F9C52512-F5AB-4CA8-8E35-6396797DD72A}) (Version: 1.1.0.0 - The Neat Company)
Serif PagePlus Starter Edition (HKLM\...\{FC6336EC-E007-4E60-A0B7-7EF2B54F6535}) (Version: 2.0.1.007 - Serif (Europe) Ltd)
SFR (Version: 8.01.0000.0001 - Eastman Kodak Company) Hidden
SHASTA (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
skin0001 (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
staticcr (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
System Requirements Lab (HKLM\...\{9EBDAF91-DADA-47CE-94F2-F5B004007934}) (Version: 4.1.13.0 - Husdawg, LLC)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VisualBee for Microsoft PowerPoint (HKU\S-1-5-21-1547161642-1343024091-839522115-1007\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com)
VLC media player 1.0.1 (HKLM\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
VPRINTOL (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (04/10/2012 2.08.24) (HKLM\...\4C8545EEB6143B6AD3858B5D1E0AEE76040B1435) (Version: 04/10/2012 2.08.24 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (04/10/2012 2.08.24) (HKLM\...\6849F67BACD4DA5A5B9D46803E6850D0BE8B3826) (Version: 04/10/2012 2.08.24 - FTDI)
Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 20080509.140000 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WIRELESS (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-1547161642-1343024091-839522115-1007\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
Zip Motion Block Video codec (Remove Only) (HKLM\...\ZMBV) (Version: - )
Zune (HKLM\...\Zune) (Version: 04.07.1404.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

14-11-2014 11:14:36 System Checkpoint
15-11-2014 04:00:37 Software Distribution Service 3.0
16-11-2014 04:57:45 System Checkpoint
17-11-2014 05:40:12 System Checkpoint
29-03-2015 14:35:37 Removed Google Earth Plug-in.
29-03-2015 15:13:44 Software Distribution Service 3.0
29-03-2015 15:41:19 Removed DIRECTV Player.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-04 07:00 - 2004-08-04 07:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-EXPRESS-1-Custom User.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\EasyShare Registration Task.job => C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_8.2.30.1.sxt
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1547161642-1343024091-839522115-1007.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1547161642-1343024091-839522115-1007.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) ==============

2012-11-02 17:52 - 2012-09-06 07:41 - 00048640 _____ () C:\WINDOWS\system32\sdtnpm.dll
2012-05-10 10:42 - 2012-05-10 10:42 - 00827232 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-14 22:06 - 2011-09-14 22:06 - 03040920 _____ () C:\Program Files\Adobe\Elements 10 Organizer\QtCore4.dll
2011-09-14 22:06 - 2011-09-14 22:06 - 10729624 _____ () C:\Program Files\Adobe\Elements 10 Organizer\QtGui4.dll
2011-09-14 22:11 - 2011-09-14 22:11 - 00286360 _____ () C:\Program Files\Adobe\Elements 10 Organizer\QtPlugins\imageformats\qjpeg4.dll
2015-03-04 17:08 - 2015-03-04 17:08 - 00750080 _____ () C:\Documents and Settings\Custom User\Application Data\Dropbox\bin\libGLESv2.dll
2015-03-29 15:56 - 2015-03-29 15:56 - 00043008 _____ () c:\Documents and Settings\Custom User\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfhvz67.dll
2015-03-04 17:08 - 2015-03-04 17:08 - 00047616 _____ () C:\Documents and Settings\Custom User\Application Data\Dropbox\bin\libEGL.dll
2015-03-04 17:08 - 2015-03-04 17:08 - 00865280 _____ () C:\Documents and Settings\Custom User\Application Data\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:07 - 2015-03-04 17:07 - 00200704 _____ () C:\Documents and Settings\Custom User\Application Data\Dropbox\bin\plugins\imageformats\qjpeg.dll
2011-02-10 07:55 - 2011-02-10 07:55 - 01148256 _____ () C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
2012-11-29 21:31 - 2012-11-29 21:31 - 00038608 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2009-06-12 09:12 - 2007-05-13 21:54 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2014-05-12 21:43 - 2014-05-12 21:44 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2015-03-29 16:01 - 2015-03-29 16:01 - 16858288 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1547161642-1343024091-839522115-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.50.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Device Monitor 3.lnk => C:\WINDOWS\pss\Device Monitor 3.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk => C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Alcmtr => ALCMTR.EXE
MSCONFIG\startupreg: AlcWzrd => ALCWZRD.EXE
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: AVG_TRAY => C:\Program Files\AVG\AVG10\avgtray.exe
MSCONFIG\startupreg: Conime => %windir%\system32\conime.exe
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
MSCONFIG\startupreg: High Definition Audio Property Page Shortcut => HDAudPropShortcut.exe
MSCONFIG\startupreg: InCD => C:\Program Files\Nero\Nero 7\InCD\InCD.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: NPSStartup =>
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: nwiz => nwiz.exe /installquiet
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: SecurDisc => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
MSCONFIG\startupreg: SelectRebates => C:\Program Files\SelectRebates\SelectRebates.exe
MSCONFIG\startupreg: SoundMan => SOUNDMAN.EXE
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zune Launcher => "c:\Program Files\Zune\ZuneLauncher.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-1547161642-1343024091-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1547161642-1343024091-839522115-1005 - Limited - Enabled)
Custom User (S-1-5-21-1547161642-1343024091-839522115-1007 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Custom User
Guest (S-1-5-21-1547161642-1343024091-839522115-501 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Guest
HelpAssistant (S-1-5-21-1547161642-1343024091-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1547161642-1343024091-839522115-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid:
Manufacturer:
Service:
Problem: : This device is not configured correctly. (Code1)
Resolution: You may be prompted to provide the path of the driver. Windows may have the driver built-in, or may still have the driver files installed from the last time that you set up the device. If you are asked for the driver and you do not have it, you can try to download the latest driver from the hardware vendor's Web site.
In the device properties dialog box, click the "Driver" tab, and then click "Update Driver" to start the "Hardware Update Wizard". Follow the instructions to update the driver. If updating the driver does not work, see your hardware documentation for more information.

Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2015 03:55:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 12.50.168.192.in-addr.arpa. PTR express-1.local.

Error: (03/29/2015 03:55:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.50.12:5353 17 12.50.168.192.in-addr.arpa. PTR express-2.local.

Error: (03/29/2015 02:23:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 12.50.168.192.in-addr.arpa. PTR express-1.local.

Error: (03/29/2015 02:23:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.50.12:5353 17 12.50.168.192.in-addr.arpa. PTR express-2.local.

Error: (03/29/2015 02:22:34 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (03/29/2015 02:22:06 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (11/14/2014 10:46:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 14.50.168.192.in-addr.arpa. PTR express-1.local.

Error: (11/14/2014 10:46:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.50.14:5353 17 14.50.168.192.in-addr.arpa. PTR express-2.local.

Error: (07/22/2014 11:32:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\CUSTOM USER\MY DOCUMENTS\RESUME\.~LOCK.SYDNEYS RESSSUME.ODT#> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/22/2014 11:32:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\CUSTOM USER\MY DOCUMENTS\RESUME\.~LOCK.SYDNEYS RESSSUME.ODT#> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (03/29/2015 03:56:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SProtection service failed to start due to the following error:
%%1053

Error: (03/29/2015 03:56:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the SProtection service to connect.

Error: (03/29/2015 03:56:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053

Error: (03/29/2015 03:56:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Garmin Core Update Service service to connect.

Error: (03/29/2015 03:56:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZDPSp50 NDIS Protocol Driver service failed to start due to the following error:
%%2

Error: (03/29/2015 03:17:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

Error: (03/29/2015 03:11:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.

Error: (03/29/2015 02:25:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053

Error: (03/29/2015 02:25:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Garmin Core Update Service service to connect.

Error: (03/29/2015 02:25:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZDPSp50 NDIS Protocol Driver service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 2.80GHz
Percentage of memory in use: 61%
Total physical RAM: 2013.17 MB
Available physical RAM: 784.83 MB
Total Pagefile: 5940.37 MB
Available Pagefile: 4713.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:57.98 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: A1BCA1BC)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 

okstout4

New Member
Thread author
Verified
Mar 29, 2015
15
:)
 

Attachments

  • FRST.txt
    51.2 KB · Views: 36
  • Addition.txt
    41.9 KB · Views: 34

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Uninstall some programs

We need to uninstall some unwanted/unneeded programs.
  • Press the Windows key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time
The list of programs to uninstall:
  • Catalina Savings Printer
  • Download Updater (AOL LLC)
  • Highlightly
After completing uninstalls, please manually reboot your machine!

Note: If you get the message like: An error occurred while trying to uninstall, just press Yes.



Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    Code:
    createsrpoint;
    autoclean;
    emptyalltemp;
    ipconfig /flushdns;b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.
 

okstout4

New Member
Thread author
Verified
Mar 29, 2015
15
Ha! I thought I had already removed that stupid Highlightly! Also, I see that Iminent has been removed, thank goodness! But I was concerned about Kodak Gallery though. I remember when it first came out it was a Gallery that held all my photos, but maybe it's different now? Maybe this is an old file Kodak used to use.

So far thanks, it's looking a whole lot better. When we get finished, I have a System Speed Up/Speed Test question.
 

Attachments

  • zoek-results.txt
    28 KB · Views: 23

okstout4

New Member
Thread author
Verified
Mar 29, 2015
15
Yes, it did do a good job. Seems to be working much better and running a bit faster now. No more advertisements popping up, no more fake virus prog telling me to purchase their fake product and I got my google search back.

So now my question about System Speed Up/Speed tests. I strongly believe that I got this crap from running a Speed Test on my computer. I always check that I don't want the "extra" downloads (usually McAfee), but I doubt that is the problem. When you apply for various jobs w/the intention to work from home (from legitimate companies) they ask you to do a Speed Test so they can verify your upload and download speeds. They send you the link and instructions on how to send the test results to them after the test is completed. Are they not aware the link they are sending out has malware or do they not care? I think I know what company I applied for last year that had me do this. I have worked for them before at a call center here locally, so I know it's legitimate. I just don't get it, but I'll never do the Speed Test again.

Oops...there is still a problem. I opened up a new tab to search the company I was talking about and it appears that iminent is NOT gone after all. This is what the page looked like after I typed in what I was looking for: http://start.iminent.com/en-US/search/#q=Convergys&s=web&p=1 I tried last time to change my search options but it never lets me permanently change it.
 

okstout4

New Member
Thread author
Verified
Mar 29, 2015
15
Yes, I could do that, but I'd have to download another browser. FF is the only one that I have. Would that be ok and where could I get the download from? I'm looking for one now.
 

Vash The Stampede

New Member
Aug 13, 2015
1
I am running Win 7 64 bit. I did everything that the Malwarebytes forum & another site said to do. I followed the Malwarebytes howto & deleted the icons for my browsers like the other site said. However, when I opened up c:\programs and went to explorer.exe and launched it, it was fine, so I closed IE, right-clicked on iexplorer.exe & selected pin to task bar. I launched it thinking all was good, but search.iminent popped up to my surprise. When I pinned the iexplorer.exe in C:\programs(86) it launched fine to my home page. Iexplorer.exe in c:\programs was the one that was being hijacked. So I checked my other accounts doing the same process; all was good. Not wanting to be defeated and use a restore point, I reran the scans in all accounts on my computer; nothing was found. I could not remember the other site URL which gave the location of the other shortcut locations you had to delete, since browsing history got deleted in the cleanup. After searching for the site for 30 minutes, I remembered it was in appdata somewhere. Just figured it was faster to search all of appdata. Remember the extra shortcuts it dumped on your desktop: Firefox, Internet Explorer & Chrome. I don't have Chrome. Figured if I found another Chrome shortcut I would find the other two in the same spot as well. You also have to delete the SIX, yes SIX, browser shortcut icons (I found so far) the hijack made. Two of each. Or you can edit the icon properties. Basically all you have to do is select the icon, open properties, and in the "Target" field (the field is called Target) delete the URL after "C:\Program Files\Internet Explorer\iexplore.exe": search.iminent.com along with a bunch of random numbers. If you don't see "C:\Program Files\Internet Explorer\iexplore.exe" in the Target field but see a bunch of random numbers, you found your culprit. I found my extras here

"C:\Users\"Your User Name "\AppData\Roaming\Microsoft\Windows\Start Menu\Programs"

I opened the properties on all three and removed the URL after "C:\Program Files\Internet Explorer\iexplore.exe". The Chrome Target field was blank because I don't have Chrome, so I deleted it. I repeated my earlier process: pin to task bar and launch. Explorer hesitated a little bit but opened my home page.
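
The check described in the post above, as an added example that is not part of the original thread: a read-only PowerShell audit that lists browser shortcuts whose Target carries an appended URL, or that are named like a browser but point somewhere else. The folder list, browser names and URL pattern are assumptions; the script changes nothing, so review each hit and edit or delete the shortcut by hand.

```powershell
# Added example: read-only audit of browser shortcuts (.lnk) for hijacked targets.
# Assumptions: the folder list, browser names and URL pattern below; adjust as needed.

$browserExes = 'iexplore.exe', 'firefox.exe', 'chrome.exe'
$namePattern = '(?i)internet explorer|firefox|chrome'   # matched against the shortcut file name
$urlPattern  = '(?i)(https?://|www\.)\S+|\b[a-z0-9-]+(\.[a-z0-9-]+)*\.(com|net|org|info|biz)\b'

# Places where browser shortcuts usually live: desktops, Start Menu, Quick Launch / pinned taskbar.
$folders = @(
    (Join-Path $env:USERPROFILE 'Desktop'),
    (Join-Path $env:PUBLIC 'Desktop'),
    (Join-Path $env:APPDATA 'Microsoft\Windows\Start Menu\Programs'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs'),
    (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch')
) | Where-Object { Test-Path -LiteralPath $_ }

# WScript.Shell can read the Target and Arguments stored in an existing .lnk file.
$shell = New-Object -ComObject WScript.Shell

$findings = foreach ($folder in $folders) {
    Get-ChildItem -LiteralPath $folder -Filter *.lnk -Recurse -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $lnk    = $shell.CreateShortcut($_.FullName)
        $target = $lnk.TargetPath
        $leaf   = if ($target) { Split-Path -Path $target -Leaf } else { '' }
        $reason = $null

        if ($browserExes -contains $leaf) {
            # A clean browser shortcut normally has no URL after the executable path.
            if ($lnk.Arguments -match $urlPattern) { $reason = 'URL appended to browser target' }
        }
        elseif ($_.BaseName -match $namePattern) {
            # Looks like a browser shortcut, but the target is blank or not the browser.
            $reason = 'Browser-named shortcut with unexpected target'
        }

        if ($reason) {
            New-Object PSObject -Property @{
                Reason    = $reason
                Shortcut  = $_.FullName
                Target    = $target
                Arguments = $lnk.Arguments
            }
        }
    }
}

if ($findings) {
    $findings | Select-Object Reason, Shortcut, Target, Arguments | Format-List
} else {
    'No suspicious browser shortcuts found in the scanned folders.'
}
```

Run it once per user account, since the per-user folders resolve to whoever is logged on.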
 