Solved CouponBar?

Discussion in 'Malware and Virus Removal Archive' started by jenna28jj, 2011/01/14.

  1. 2011/01/14
    jenna28jj Inactive Thread Starter | Joined: 2011/01/14 | Messages: 17 | Likes Received: 0

    OTL logfile created on: 1/14/2011 14:07:36 - Run 2
    OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\shawns\Documents
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
    6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 286.05 Gb Total Space | 138.15 Gb Free Space | 48.29% Space Free | Partition Type: NTFS
    Drive D: | 11.94 Gb Total Space | 2.14 Gb Free Space | 17.93% Space Free | Partition Type: NTFS

    Computer Name: SHAWNS-PC | User Name: shawns | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - File not found -- C:\Users\shawns\My Documents\OTL.exe
    PRC - [2010/12/22 03:04:14 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2010/12/22 03:04:06 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2010/12/16 16:19:34 | 002,402,512 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
    PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    PRC - [2010/09/07 09:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/07/28 07:26:46 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
    PRC - [2009/12/01 19:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    PRC - [2009/10/20 13:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    PRC - [2009/05/26 02:36:13 | 000,656,896 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    PRC - [2009/04/27 13:37:18 | 000,025,256 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe
    PRC - [2008/11/20 11:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2007/05/04 00:38:34 | 000,291,760 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe


    ========== Modules (SafeList) ==========

    MOD - File not found -- C:\Users\shawns\My Documents\OTL.exe
    MOD - [2010/08/20 23:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
    MOD - [2010/07/28 07:27:17 | 000,040,960 | ---- | M] () -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
    MOD - [2010/07/28 07:26:48 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp71.dll
    MOD - [2010/07/28 07:26:48 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/03/27 12:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
    SRV:64bit: - [2007/04/25 23:22:18 | 000,034,224 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxddserv.exe -- (lxddCATSCustConnectService)
    SRV:64bit: - [2007/04/25 23:22:03 | 000,567,216 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxddcoms.exe -- (lxdd_device)
    SRV - [2010/12/22 03:04:06 | 001,402,272 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
    SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2007/05/25 09:41:38 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxddcoms.exe -- (lxdd_device)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2010/07/12 02:55:39 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
    DRV:64bit: - [2009/07/13 19:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/13 19:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/09 04:38:42 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009/06/10 14:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/19 10:19:38 | 000,339,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
    DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
    DRV - [2010/11/03 12:35:58 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-402496917-614987249-1313985504-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    IE - HKU\S-1-5-21-402496917-614987249-1313985504-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKU\S-1-5-21-402496917-614987249-1313985504-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    IE - HKU\S-1-5-21-402496917-614987249-1313985504-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/28 07:27:17 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/11/30 03:01:41 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/11/30 03:01:49 | 000,000,000 | ---D | M]

    [2009/12/19 02:03:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shawns\AppData\Roaming\Mozilla\Extensions
    [2009/12/19 02:03:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shawns\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

    O1 HOSTS File: ([2011/01/14 09:56:43 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
    O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (Microsoft Corporation)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (@c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O3 - HKU\S-1-5-21-402496917-614987249-1313985504-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O3 - HKU\S-1-5-21-402496917-614987249-1313985504-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [lxddmon.exe] C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe ()
    O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
    O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [lxddamon] C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe ()
    O4 - HKLM..\Run: [lxddmon.exe] C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddmon.exe ()
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
    O4 - Startup: C:\Users\shawns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\S-1-5-21-402496917-614987249-1313985504-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
    O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.142.225.3 167.142.225.5
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/01/14 13:58:32 | 000,000,000 | ---D | C] -- C:\_OTL
    [2011/01/14 13:53:13 | 000,000,000 | ---D | C] -- C:\Users\shawns\Documents\JavaRa
    [2011/01/14 13:42:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2011/01/14 11:22:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\shawns\Documents\OTL.exe
    [2011/01/14 09:55:07 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\VACFix.exe
    [2011/01/14 09:55:07 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.exe
    [2011/01/14 09:55:07 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe
    [2011/01/14 09:55:07 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\404Fix.exe
    [2011/01/14 09:55:07 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe
    [2011/01/14 09:55:07 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe
    [2011/01/14 09:55:06 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\VCCLSID.exe
    [2011/01/14 09:55:06 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe
    [2011/01/14 09:55:06 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swreg.exe
    [2011/01/14 09:55:06 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swxcacls.exe
    [2011/01/14 09:55:06 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe
    [2011/01/14 09:54:58 | 000,000,000 | ---D | C] -- C:\Users\shawns\Desktop\SmitfraudFix
    [2011/01/08 09:10:43 | 000,000,000 | ---D | C] -- C:\Users\shawns\AppData\Local\Adobe
    [2011/01/08 00:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
    [2010/01/24 13:53:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddpmui.dll
    [2010/01/24 13:53:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddinpa.dll
    [2010/01/24 13:53:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddiesc.dll
    [2010/01/24 13:53:50 | 001,232,896 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddserv.dll
    [2010/01/24 13:53:50 | 000,999,424 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddusb1.dll
    [2010/01/24 13:53:50 | 000,700,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddhbn3.dll
    [2010/01/24 13:53:50 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddcomc.dll
    [2010/01/24 13:53:50 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddlmpm.dll
    [2010/01/24 13:53:50 | 000,425,984 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddcomm.dll
    [2010/01/24 13:53:50 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddprox.dll
    [2010/01/24 13:53:50 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddpplc.dll

    ========== Files - Modified Within 30 Days ==========

    [2011/01/14 14:08:10 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/01/14 14:08:10 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/01/14 14:05:42 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/01/14 14:05:42 | 000,626,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/01/14 14:05:42 | 000,107,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/01/14 14:03:03 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2011/01/14 14:01:04 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/01/14 14:01:04 | 000,000,290 | -H-- | M] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
    [2011/01/14 14:01:03 | 000,000,248 | -H-- | M] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
    [2011/01/14 14:00:57 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
    [2011/01/14 14:00:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/01/14 14:00:20 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
    [2011/01/14 13:50:08 | 000,159,757 | ---- | M] () -- C:\Users\shawns\Documents\JavaRa.zip
    [2011/01/14 13:22:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/01/14 11:23:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\shawns\Documents\OTL.exe
    [2011/01/14 09:56:46 | 000,000,691 | ---- | M] () -- C:\Users\shawns\AppData\Roaming\GetValue.vbs
    [2011/01/14 09:56:46 | 000,000,035 | ---- | M] () -- C:\Users\shawns\AppData\Roaming\SetValue.bat
    [2011/01/14 09:56:45 | 000,004,252 | ---- | M] () -- C:\Windows\SysWow64\tmp.reg
    [2011/01/14 09:21:28 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
    [2011/01/13 20:23:09 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2011/01/08 00:10:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForshawns.job
    [2011/01/05 10:51:40 | 001,611,527 | ---- | M] () -- C:\Users\shawns\AppData\Local\tmp004.JPG
    [2010/12/31 10:40:03 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
    [2010/12/19 13:40:12 | 000,048,263 | ---- | M] () -- C:\Users\shawns\Desktop\fceux.cfg
    [2010/12/16 17:45:31 | 000,078,836 | ---- | M] () -- C:\Users\shawns\Documents\Intervention.rtf
    [2010/12/16 03:27:09 | 000,458,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

    ========== Files Created - No Company Name ==========

    [2011/01/14 13:50:08 | 000,159,757 | ---- | C] () -- C:\Users\shawns\Documents\JavaRa.zip
    [2011/01/14 09:56:46 | 000,000,035 | ---- | C] () -- C:\Users\shawns\AppData\Roaming\SetValue.bat
    [2011/01/14 09:56:45 | 000,004,252 | ---- | C] () -- C:\Windows\SysWow64\tmp.reg
    [2011/01/14 09:56:45 | 000,000,691 | ---- | C] () -- C:\Users\shawns\AppData\Roaming\GetValue.vbs
    [2011/01/14 09:55:06 | 000,075,776 | ---- | C] () -- C:\Windows\SysWow64\WS2Fix.exe
    [2011/01/14 09:55:06 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\dumphive.exe
    [2011/01/14 09:55:06 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\swsc.exe
    [2011/01/13 18:01:15 | 000,000,410 | ---- | C] () -- C:\Windows\tasks\SmartDefrag.job
    [2011/01/12 17:38:36 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2010/12/22 16:14:02 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForshawns.job
    [2010/11/25 17:55:16 | 000,392,052 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp002.2
    [2010/11/25 17:55:15 | 000,395,667 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp002.1
    [2010/11/25 17:55:13 | 001,202,652 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp002.0
    [2010/11/25 17:55:13 | 000,395,626 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp002.JPG
    [2010/11/24 08:10:11 | 001,793,074 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp003.JPG
    [2010/11/13 09:07:30 | 000,406,616 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp012.JPG
    [2010/11/13 09:07:17 | 001,148,709 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp012.0
    [2010/11/07 09:36:01 | 000,010,328 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp024_navi.JPG
    [2010/11/07 09:35:48 | 001,368,289 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp024.JPG
    [2010/11/07 09:34:54 | 001,468,649 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp021.JPG
    [2010/11/07 09:33:29 | 001,480,824 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp026.JPG
    [2010/10/13 07:21:09 | 001,324,683 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp018.JPG
    [2010/09/17 12:42:34 | 000,004,096 | -H-- | C] () -- C:\Users\shawns\AppData\Local\keyfile3.drm
    [2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
    [2010/05/20 07:57:51 | 001,653,916 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp015.JPG
    [2010/05/06 07:34:32 | 002,088,607 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp007.JPG
    [2010/05/06 07:28:02 | 000,056,540 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmpSECUREDOWNLOAD.JPG
    [2010/05/06 07:24:57 | 001,611,527 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp004.JPG
    [2010/05/06 06:26:05 | 000,249,971 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp001_CROP.JPG
    [2010/05/06 06:25:26 | 001,072,245 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp001.JPG
    [2010/05/06 05:28:21 | 000,692,584 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp011_CROP.JPG
    [2010/05/06 05:27:52 | 002,723,988 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp011.JPG
    [2010/05/01 09:56:26 | 003,089,179 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp006.JPG
    [2010/04/14 16:01:40 | 001,204,641 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp010.JPG
    [2010/04/06 12:27:55 | 001,415,042 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp045.JPG
    [2010/03/24 07:58:16 | 000,007,710 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmpM_A85061BC9B4541F3F7DC275F19EC341C.JPG
    [2010/03/24 07:58:16 | 000,007,666 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmpM_A85061BC9B4541F3F7DC275F19EC341C.0
    [2010/03/17 19:17:35 | 000,006,327 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp002_navi.JPG
    [2010/03/17 19:16:53 | 000,006,435 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp003_navi.JPG
    [2010/03/16 10:07:37 | 000,258,029 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp013.JPG
    [2010/03/16 10:05:10 | 000,508,784 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp081.JPG
    [2010/03/16 10:04:42 | 001,283,451 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp081.0
    [2010/02/21 14:32:50 | 000,000,148 | ---- | C] () -- C:\Users\shawns\AppData\Roaming\wklnhst.dat
    [2010/02/04 15:39:53 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/01/29 09:38:57 | 000,000,077 | ---- | C] () -- C:\Windows\chemlab.ini
    [2010/01/24 13:53:51 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxddcomx.dll
    [2010/01/24 13:53:51 | 000,286,720 | ---- | C] () -- C:\Windows\SysWow64\LXDDinst.dll
    [2010/01/01 00:22:21 | 000,265,663 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp017.JPG
    [2010/01/01 00:22:20 | 000,961,558 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp017.0
    [2009/12/27 16:14:42 | 001,519,442 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp015.0
    [2009/12/27 16:14:19 | 000,567,457 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp016.JPG
    [2009/12/27 16:14:18 | 001,071,154 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp016.0
    [2009/12/26 08:22:08 | 000,390,884 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp008.JPG
    [2009/12/26 08:22:07 | 001,068,386 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp008.0
    [2009/12/10 17:14:21 | 001,232,908 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp005.JPG
    [2009/12/10 17:14:20 | 001,084,365 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp005.0
    [2009/12/07 11:34:16 | 000,000,120 | ---- | C] () -- C:\Users\shawns\AppData\Roaming\FixVTS.ini
    [2009/12/05 23:27:10 | 000,471,474 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp035.JPG
    [2009/12/05 23:27:09 | 001,208,764 | ---- | C] () -- C:\Users\shawns\AppData\Local\tmp035.0
    [2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

    ========== LOP Check ==========

    [2010/01/06 08:44:28 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\Amazon
    [2010/05/26 08:31:00 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\BitDefender
    [2010/02/05 07:53:57 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\BitZipper
    [2010/09/21 12:07:39 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\Elluminate
    [2010/01/29 12:14:35 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\GetRightToGo
    [2011/01/12 16:56:00 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\IObit
    [2010/02/07 13:22:02 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\Lexmark Productivity Studio
    [2011/01/14 13:40:32 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\LimeWire
    [2010/01/17 09:54:34 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\Meridian93
    [2010/08/30 15:12:40 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\OpenOffice.org
    [2010/08/04 11:56:23 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\Panda Security
    [2010/02/06 18:55:26 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\RipIt4Me
    [2010/08/04 11:55:10 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\SurfSecret Privacy Suite
    [2010/02/21 14:32:51 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\Template
    [2009/12/03 08:13:51 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\WildTangent
    [2009/12/11 12:57:01 | 000,000,000 | ---D | M] -- C:\Users\shawns\AppData\Roaming\WinBatch
    [2011/01/14 14:03:03 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
    [2011/01/14 14:00:57 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
    [2010/12/31 10:40:03 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
    [2009/07/13 23:08:49 | 000,025,160 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2011/01/14 09:21:28 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
    [2011/01/14 14:01:03 | 000,000,248 | -H-- | M] () -- C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
    [2011/01/14 14:01:04 | 000,000,290 | -H-- | M] () -- C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

    ========== Purity Check ==========



    < End of report >
     
  2. 2011/01/14
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    OK, I don't know why you're posting the same log, so let's do it a different way.

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    64-bit users go HERE
    • Double-click SystemLook.exe to run it.
    • Vista users: Right-click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box into the main textfield:
      Code:
      :reg
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
     


  4. 2011/01/14
    jenna28jj

    I'm sorry, I don't know why either... I'm just posting what my computer shows me...

    SystemLook 04.09.10 by jpshortstuff
    Log created at 17:54 on 14/01/2011 by shawns
    Administrator - Elevation successful

    No Context: reg

    No Context: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

    -= EOF =-
     
  5. 2011/01/14
    broni

    Make sure you copy everything from the code box, including the colon in front of "reg" (1st line).
    Please, retry.
     
  6. 2011/01/14
    jenna28jj

    Yep... inadvertently left out the colon...

    SystemLook 04.09.10 by jpshortstuff
    Log created at 18:08 on 14/01/2011 by shawns
    Administrator - Elevation successful

    ========== reg ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lexmark 2500 Series]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lexmark Fax Solutions]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LSI Soft Modem]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Drivers]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC-Doctor for Windows]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26280024-DFB7-4967-90DB-7F9C6660D01E}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{350AA351-21FA-3270-8B7A-835434E766AD}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-002A-0000-1000-0000000FF1CE}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-002A-0409-1000-0000000FF1CE}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-0116-0409-1000-0000000FF1CE}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}]


    -= EOF =-
     
  7. 2011/01/14
    broni

    I can't see Coupons there, so we have to go a little bit deeper.

    • Double-click SystemLook.exe to run it.
    • Vista users: Right-click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box into the main textfield:
      Code:
      :reg
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall /s
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
     
  8. 2011/01/14
    jenna28jj

    SystemLook 04.09.10 by jpshortstuff
    Log created at 18:20 on 14/01/2011 by shawns
    Administrator - Elevation successful

    ========== reg ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager]
    "SystemComponent "= 0x0000000001 (1)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lexmark 2500 Series]
    "UninstallString "= "C:\Program Files (x86)\Lexmark 2500 Series\Install\x64\Uninst.exe "
    "DisplayIcon "= "C:\Program Files (x86)\Lexmark 2500 Series\Install\x64\Uninst.exe "
    "UrlInfoAbout "= "http://www.lexmark.com "
    "Publisher "= "Lexmark International, Inc. "
    "HelpLink "= "http://support.lexmark.com "
    "DisplayName "= "Lexmark 2500 Series "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lexmark Fax Solutions]
    "UninstallString "= "C:\Program Files (x86)\Lexmark Fax Solutions\Install\x64\Uninst.exe /R:faxunst "
    "DisplayIcon "= "C:\Program Files (x86)\Lexmark Fax Solutions\Install\x64\Uninst.exe "
    "UrlInfoAbout "= "http://www.lexmark.com "
    "HelpLink "= "http://support.lexmark.com "
    "DisplayName "= "Lexmark Fax Solutions "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LSI Soft Modem]
    "DisplayName "= "LSI PCI-SV92EX Soft Modem "
    "DisplayIcon "= "C:\Program Files\LSI SoftModem\agrsmdel.ico "
    "DisplayVersion "= "2.2.96 "
    "InstallLocation "= "C:\Program Files\LSI SoftModem "
    "Publisher "= "LSI Corporation "
    "UninstallString "= "C:\Windows\agrsmdel "
    "QuietUninstallString "= "C:\Windows\agrsmdel -s "
    "VersionMajor "= "2 "
    "VersionMinor "= "2 "
    "EstimatedSize "= 0x0000000010 (16)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile]
    "DisplayIcon "= "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\DisplayIcon.ico "
    "DisplayName "= "Microsoft .NET Framework 4 Client Profile "
    "DisplayVersion "= "4.0.30319 "
    "EstimatedSize "= 0x0000009b34 (39732)
    "UninstallString "= "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client "
    "VersionMinor "= "0 "
    "VersionMajor "= "4 "
    "Publisher "= "Microsoft Corporation "
    "InstallLocation "= "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client "
    "UninstallPath "= "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client "
    "Readme "= "http://go.microsoft.com/fwlink/?LinkId=164156 "
    "URLInfoAbout "= "http://go.microsoft.com/fwlink/?LinkId=164164 "
    "URLUpdateInfo "= "http://go.microsoft.com/fwlink/?LinkId=164165 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Drivers]
    "DisplayIcon "= "C:\Windows\system32\nvuninst.exe "
    "DisplayName "= "NVIDIA Drivers "
    "DisplayVersion "= "1.5 "
    "UninstDataVerified "= 0x0000000001 (1)
    "Publisher "= "NVIDIA Corporation "
    "UninstallString "= "C:\Windows\system32\nvuninst.exe UninstallGUI "
    "InstallLocation "= "C:\Windows\system32 "
    "MajorVersion "= 0x0000000001 (1)
    "MinorVersion "= 0x0000000005 (5)
    "VersionMajor "= 0x0000000001 (1)
    "VersionMinor "= 0x0000000005 (5)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Drivers\SubComponents]
    "nvnrm.nvu "= "NVIDIA Ethernet Driver Components "
    "nvdisp.nvu "= "NVIDIA Display Driver "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC-Doctor for Windows]
    "DisplayName "= "Hardware Diagnostic Tools "
    "UninstallString "= "C:\Program Files\PC-Doctor for Windows\uninst.exe "
    "DisplayIcon "= "C:\Program Files\PC-Doctor for Windows\pcdr.ico "
    "DisplayVersion "= "6.0.5434.08 "
    "URLInfoAbout "= "http://www.pc-doctor.com "
    "Publisher "= "PC-Doctor, Inc. "
    "Contact "= "Customer Support Department "
    "Comments "= "Personal Computer Diagnostics Software "
    "InstallLocation "= "C:\Program Files\PC-Doctor for Windows\ "
    "RegCompany "=" "
    "RegOwner "= "Windows User "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "VersionMajor "= 0x0000000006 (6)
    "VersionMinor "= 0x0000000000 (0)
    "DisplayName_Localized "= "@C:\ProgramData\PC-Doctor for Windows\startmenu\bundle.dll.mui,-201 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC]
    "NoRemove "= 0x0000000001 (1)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "8.0.56336 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20090815 "
    "InstallLocation "=" "
    "InstallSource "= "C:\Users\ADMINI~1\AppData\Local\Temp\IXP001.TMP\ "
    "ModifyPath "= "MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x00000002c4 (708)
    "UninstallString "= "MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000008 (8)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000800dc10 (134274064)
    "Language "= 0x0000000000 (0)
    "DisplayName "= "Microsoft Visual C++ 2005 Redistributable (x64) "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26280024-DFB7-4967-90DB-7F9C6660D01E}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "3.0.28.2 "
    "HelpLink "= "http://www.hp.com/support "
    "HelpTelephone "=" "
    "InstallDate "= "20090815 "
    "InstallLocation "= "C:\Program Files\Hewlett-Packard\HP MediaSmart\ "
    "InstallSource "= "C:\hp\tmp\src\ "
    "ModifyPath "= "MsiExec.exe /X{26280024-DFB7-4967-90DB-7F9C6660D01E} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Hewlett-Packard "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000000770 (1904)
    "UninstallString "= "MsiExec.exe /X{26280024-DFB7-4967-90DB-7F9C6660D01E} "
    "URLInfoAbout "= "http://www.hp.com/support "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000003 (3)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000300001c (50331676)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "HP MediaSmart SmartMenu "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{350AA351-21FA-3270-8B7A-835434E766AD}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "9.0.21022 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20100830 "
    "InstallLocation "=" "
    "InstallSource "= "C:\af78d5219fa2072ed506c9ddeaa310cf\ "
    "ModifyPath "= "MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x00000006d0 (1744)
    "UninstallString "= "MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000009 (9)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000900521e (151015966)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "9.0.30729 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20090815 "
    "InstallLocation "=" "
    "InstallSource "= "c:\ea4bcf6f734a1b7e7500f1\ "
    "ModifyPath "= "MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000000314 (788)
    "UninstallString "= "MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000009 (9)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0009007809 (151025673)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-002A-0000-1000-0000000FF1CE}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "14.0.4763.1000 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20100916 "
    "InstallLocation "= "C:\Program Files (x86)\Microsoft Office\ "
    "InstallSource "= "C:\MSOCache\All Users\{90140000-003D-0000-0000-0000000FF1CE}-C\ "
    "ModifyPath "= "MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE} "
    "NoModify "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x00000098f9 (39161)
    "SystemComponent "= 0x0000000001 (1)
    "UninstallString "= "MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x000000000e (14)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000e00129b (234885787)
    "Language "= 0x0000000000 (0)
    "DisplayName "= "Microsoft Office Office 64-bit Components 2010 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-002A-0409-1000-0000000FF1CE}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "14.0.4763.1000 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20100916 "
    "InstallLocation "= "C:\Program Files (x86)\Microsoft Office\ "
    "InstallSource "= "C:\MSOCache\All Users\{90140000-0116-0409-1000-0000000FF1CE}-C\ "
    "ModifyPath "= "MsiExec.exe /X{90140000-002A-0409-1000-0000000FF1CE} "
    "NoModify "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000000245 (581)
    "SystemComponent "= 0x0000000001 (1)
    "UninstallString "= "MsiExec.exe /X{90140000-002A-0409-1000-0000000FF1CE} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x000000000e (14)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000e00129b (234885787)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Microsoft Office Shared 64-bit MUI (English) 2010 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-0116-0409-1000-0000000FF1CE}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "14.0.4763.1000 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20100916 "
    "InstallLocation "= "C:\Program Files (x86)\Microsoft Office\ "
    "InstallSource "= "C:\MSOCache\All Users\{90140000-0116-0409-1000-0000000FF1CE}-C\ "
    "ModifyPath "= "MsiExec.exe /X{90140000-0116-0409-1000-0000000FF1CE} "
    "NoModify "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000000286 (646)
    "SystemComponent "= 0x0000000001 (1)
    "UninstallString "= "MsiExec.exe /X{90140000-0116-0409-1000-0000000FF1CE} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x000000000e (14)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000e00129b (234885787)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "8.0.50727.4053 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20100917 "
    "InstallLocation "=" "
    "InstallSource "= "c:\65bdaa487aa414963bf05c154e98\ "
    "ModifyPath "= "MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000000104 (260)
    "UninstallString "= "MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000008 (8)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000800c627 (134268455)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "9.0.30729.4148 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20100917 "
    "InstallLocation "=" "
    "InstallSource "= "c:\f6c941ff86002e04932318423d6c78\ "
    "ModifyPath "= "MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x00000000d2 (210)
    "UninstallString "= "MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000009 (9)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0009007809 (151025673)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "4.0.30319 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20101014 "
    "InstallLocation "=" "
    "InstallSource "= "C:\dc12a3817a96b8f921421e82f0\ "
    "ModifyPath "= "MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "= "http://go.microsoft.com/fwlink/?LinkId=164156 "
    "Size "= 0x0000009b34 (39732)
    "EstimatedSize "= 0x00000d682c (878636)
    "SystemComponent "= 0x0000000001 (1)
    "UninstallString "= "MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} "
    "URLInfoAbout "= "http://go.microsoft.com/fwlink/?LinkId=164164 "
    "URLUpdateInfo "= "http://go.microsoft.com/fwlink/?LinkId=164165 "
    "VersionMajor "= 0x0000000004 (4)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000400766f (67139183)
    "Language "= 0x0000000000 (0)
    "DisplayName "= "Microsoft .NET Framework 4 Client Profile "


    -= EOF =-
     
  9. 2011/01/14
    broni

    I don't see it anywhere there.

    As I said, it must be some registry leftover.
    Since it doesn't show in your browser anymore, it won't bother you anymore.

    I'll make one more effort to find it...


    • Double-click SystemLook.exe to run it.
    • Vista users: Right-click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box into the main textfield:
      Code:
      :regfind
      *coupon*
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
     
  10. 2011/01/14
    jenna28jj

    Well, I think we did it!

    SystemLook 04.09.10 by jpshortstuff
    Log created at 18:30 on 14/01/2011 by shawns
    Administrator - Elevation successful

    ========== regfind ==========

    Searching for "*coupon* "
    No data found.

    -= EOF =-
     
  11. 2011/01/14
    broni

    Yeah, nothing there, so we consider it as resolved unless you have some other issues.
     
  12. 2011/01/14
    jenna28jj

    Resolved, and thank you so much for all of your help. Sincerely grateful.
     
  13. 2011/01/14
    broni

    You're very welcome :)
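
Added example, not part of the thread and not SystemLook's own code: a small Python parser for the `:reg` log layout pasted above. It lists the entries Programs and Features would show and searches key names, value names and data for a keyword, which is the check the helper did by eye. The sample log and its `ExampleToolbar` entry are constructed; treating entries with `SystemComponent` set to 1 or with no `DisplayName` as hidden follows standard Windows behaviour.

```python
import re

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')             # [HKEY_...\Uninstall\Name]
VALUE_RE = re.compile(r'^"([^"]*)"\s*=\s*(.*)$')         # "Name"= data
DWORD_RE = re.compile(r'^0x[0-9a-fA-F]+\s+\((\d+)\)$')   # 0x0000000001 (1)

# Constructed sample modelled on the log layout in this thread, including the
# padding inside the quotes seen in the pasted log. "ExampleToolbar" is hypothetical.
SAMPLE_LOG = r'''
========== reg ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager]
"SystemComponent "= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lexmark 2500 Series]
"Publisher "= "Lexmark International, Inc. "
"DisplayName "= "Lexmark 2500 Series "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ExampleToolbar]
"DisplayName "= "Example Coupon Toolbar "
"UninstallString "= "C:\Program Files (x86)\ExampleToolbar\uninst.exe "

-= EOF =-
'''


def parse_reg_section(text):
    """Return {key_path: {value_name: data}}; DWORDs become int, strings str."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1), {})
            continue
        m = VALUE_RE.match(line)
        if m is None or current is None:
            continue  # banner, "(No values found)", EOF marker, blank line
        name, data = m.group(1).strip(), m.group(2).strip()
        dword = DWORD_RE.match(data)
        if dword:
            current[name] = int(dword.group(1))
        elif len(data) >= 2 and data[0] == '"' and data[-1] == '"':
            current[name] = data[1:-1].strip()
        else:
            current[name] = data
    return keys


def visible_programs(keys):
    """DisplayNames that Programs and Features would list."""
    names = []
    for values in keys.values():
        name = values.get("DisplayName")
        # No DisplayName, or SystemComponent = 1, hides the entry from the list.
        if name and values.get("SystemComponent") != 1:
            names.append(name)
    return sorted(names)


def search(keys, needle):
    """Case-insensitive substring search; returns (key_path, value_name) hits.

    value_name is None when the match is in the key's own name.
    """
    needle = needle.lower()
    hits = []
    for path, values in keys.items():
        if needle in path.rsplit("\\", 1)[-1].lower():
            hits.append((path, None))
        for name, data in values.items():
            in_data = isinstance(data, str) and needle in data.lower()
            if needle in name.lower() or in_data:
                hits.append((path, name))
    return hits


if __name__ == "__main__":
    parsed = parse_reg_section(SAMPLE_LOG)
    print("Listed programs:", visible_programs(parsed))
    for path, value in search(parsed, "coupon"):
        print("match:", path, "->", value or "(key name)")
```

On a 64-bit system, 32-bit programs register under `HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall` and per-user installs under `HKEY_CURRENT_USER`, so a dump of those keys needs the same review.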
     
