Internet Explorer: 9.0.8112.16421
Run by Ray at 22:42:00 on 2012-03-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3007.1666 [GMT
-5:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-
337730C6E984}
SP: Kaspersky Anti-Virus *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-
08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-
DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Program Files\Common Files\AOL\1326271217\ee\aolsoftware.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\AOL Desktop 9.7\waol.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\AOL Desktop 9.7\shellmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtblfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://aol.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:
\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer:
{3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer
\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - c:
\program files\aol toolbar\aoltb.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program
files\kaspersky lab\kaspersky anti-virus 2012\ievkbd.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} -
c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9}
- c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program
files\kaspersky lab\kaspersky anti-virus 2012\klwtbbho.dll
BHO: TBSB07898 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program
files\coupons.com couponbar\tbcore3.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files
\aol toolbar\aoltb.dll
TB: Coupons.com CouponBar: {8660e5b3-6c41-44de-8503-98d99bbecd41} - c:
\program files\coupons.com couponbar\tbcore3.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\ray\appdata\local\google\update
\GoogleUpdate.exe" /c
uRun: [AOL Fast Start] "c:\program files\aol desktop 9.7\AOL.EXE" -b
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus
2012\avp.exe"
mRun: [HostManager] c:\program files\common files\aol\1326271217\ee
\AOLSoftware.exe
mRun: [iolo Startup] "c:\program files\iolo\common\lib\ioloLManager.exe"
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe
/logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm
\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"
-osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update
\jusched.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-
339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus
2012\ievkbd.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-
D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus
2012\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1 71.250.0.12
TCP: Interfaces\{07D9729C-778C-46F1-8E6C-E6FDC07A4F15} : DhcpNameServer =
192.168.1.1 71.250.0.12
TCP: Interfaces\{D56CC746-ABD0-440D-84C3-7FABBD8A24CE} : DhcpNameServer =
192.168.1.1 71.250.0.12
Notify: klogon - c:\windows\system32\klogon.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amacpi;Microsoft Away Mode System;c:\windows\system32\drivers\null.sys
[2009-7-13 4608]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-1-13
20392]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2011-3-4 11352]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers
\klim6.sys [2011-3-10 23856]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers
\vwififlt.sys [2009-7-13 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common
files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab
\kaspersky anti-virus 2012\avp.exe [2011-4-24 202296]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib
\ioloServiceManager.exe [2012-1-13 722616]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [2012-1-
11 28256]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys
[2009-11-2 19984]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13
980992]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13
266752]
R3 VUSB3HUB;VIA USB 3.0 Root Hub Service;c:\windows\system32\drivers
\ViaHub3.sys [2011-2-25 117760]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows
\system32\drivers\xhcdrv.sys [2012-1-12 164864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN
v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
[2010-3-18 130384]
S3 appliand;Applian Network Service;c:\windows\system32\drivers
\appliand.sys [2012-1-11 28256]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows
\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app
\GamesAppService.exe [2010-10-12 206072]
S3 ssmirrdr;ssmirrdr;c:\windows\system32\drivers\ssmirrdr.sys [2011-3-15
10112]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20
52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers
\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows
\system32\wat\WatAdminSvc.exe [2012-1-13 1343400]
.
=============== Created Last 30 ================
.
2012-03-09 03:08:15 -------- d-----w- c:\program files
\Trend Micro
2012-03-06 18:00:47 56200 ----a-w- c:\programdata\microsoft
\windows defender\definition updates\{d03ca25c-5d18-4e27-9518-
5da2cf0f5895}\offreg.dll
2012-03-06 11:28:39 6552120 ----a-w- c:\programdata\microsoft
\windows defender\definition updates\{d03ca25c-5d18-4e27-9518-
5da2cf0f5895}\mpengine.dll
2012-03-05 15:22:01 -------- d-----w- c:\users\ray
\appdata\roaming\QuickScan
2012-03-05 15:20:47 -------- d-----w- C:\temp
2012-03-05 15:20:23 -------- d-----w- c:\users\ray
\appdata\roaming\OpswatLogs
2012-03-05 15:20:15 -------- d-----w- c:\program files
\common files\supportsoft
2012-03-05 15:18:40 -------- d-----w- c:\users\ray
\appdata\roaming\supportdotcom
2012-03-05 15:18:35 -------- d-----w- c:\program files
\common files\supportdotcom
2012-03-05 15:14:44 -------- d-----w- c:\users\ray
\appdata\local\Google
2012-03-05 15:13:33 -------- d-----w- c:\users\ray
\appdata\local\Deployment
2012-03-05 15:13:33 -------- d-----w- c:\users\ray
\appdata\local\Apps
2012-02-29 18:17:40 -------- d-----w- c:\program files
\Coupons.com CouponBar
2012-02-29 18:17:23 -------- d-----w- c:\program files
\Coupons
2012-02-25 23:29:29 -------- d-----w- C:\AWOL Marines
2012-02-25 23:27:31 -------- d-----w- C:\CATCHER
2012-02-25 15:04:22 -------- d-----w- c:\programdata
\Funny Bear Studio
2012-02-25 14:27:42 -------- d-----w- c:\programdata
\Alawar Stargaze
2012-02-25 14:11:27 -------- d-----w- c:\program files
\WildGames
2012-02-25 14:04:40 -------- d-----w- c:\program files
\WildTangent Games
2012-02-24 21:57:33 -------- d-----w- c:\users\ray
\appdata\roaming\FamilyVacationCalifornia
2012-02-17 01:55:33 -------- d-----w- c:\programdata
\21149
2012-02-16 07:34:14 478720 ----a-w- c:\windows
\system32\timedate.cpl
2012-02-16 07:34:02 442880 ----a-w- c:\windows
\system32\ntshrui.dll
2012-02-16 07:33:58 690688 ----a-w- c:\windows
\system32\msvcrt.dll
2012-02-16 07:33:43 2343424 ----a-w- c:\windows
\system32\win32k.sys
2012-02-13 10:27:06 -------- d-----w- c:\users\ray
\appdata\local\CrimsonThief
2012-02-11 06:11:06 -------- d-----w- c:\users\ray
\appdata\roaming\SpinTop Games
2012-02-11 06:02:23 -------- d-----w- c:\programdata
\WildTangent
.
==================== Find3M ====================
.
2012-02-26 16:28:26 414368 ----a-w- c:\windows
\system32\FlashPlayerCPLApp.cpl
2012-02-23 14:18:36 237072 ------w- c:\windows
\system32\MpSigStub.exe
2012-02-22 23:58:20 71072 ----a-w- c:\windows
\CouponPrinter.ocx
2012-02-17 19:34:42 472808 ----a-w- c:\windows
\system32\deployJava1.dll
2012-01-18 09:48:56 499712 ----a-w- c:\windows
\system32\msvcp71.dll
2012-01-18 09:48:56 348160 ----a-w- c:\windows
\system32\msvcr71.dll
2012-01-13 06:11:08 74703 ----a-w- c:\windows
\system32\mfc45.dll
2012-01-12 10:03:47 108144 ----a-w- c:\windows
\system32\CmdLineExt.dll
2012-01-11 08:37:51 58696 ----a-w- c:\windows
\system32\AOLParconLink.exe
2011-12-14 03:04:54 1798656 ----a-w- c:\windows
\system32\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows
\system32\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows
\system32\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- c:\windows
\system32\mshtml.tlb
.
============= FINISH: 22:43:00.76 ===============
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:09:55 PM, on 3/8/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Program Files\Common Files\AOL\1326271217\ee\aolsoftware.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AOL Desktop 9.7\waol.exe
C:\Program Files\AOL Desktop 9.7\shellmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtblfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Ray\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O2 - BHO: TBSB07898 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll
O3 - Toolbar: AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1326271217\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL Desktop 9.7\AOL.EXE" -b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
--
End of file - 6902 bytes