# Need help to remove Charter Suite



## lynne2322 (Feb 7, 2008)

Dear Members..
I have a somewhat unusual proble, I have a Toshiba Satellite P308-S8823 Operating system is Vista. I have Charter Security Suite 9.01 as my security and my ISP.
However lately I'm getting a notice that my antivirus is out of date, but it won't let me upgrade it.
I tried to remove it so I could install another Antivirus; but can't remove it even with charter help.
They (charter) does not know how to remove it, and thinks the problem is with my computer.
I tried 10 times to remove it and went into Safe mode 3 x's and tried to remove.
Can someone please help me. I can't use my computer until this is resolves.


----------



## captainron276 (Sep 11, 2010)

A lot of folks have used Revo to remove stubborn programs. Use the Free version. Create a System Restore point just to be safe.

http://www.revouninstaller.com/revo_uninstaller_free_download.html


----------



## lunarlander (Sep 22, 2007)

Hi captainron276, He has Vista. It only has SP2.


----------



## captainron276 (Sep 11, 2010)

I'll be darned, I clicked on his computer icon and it says XP with SP2? Now I read it again and see he/she has Vista. Getting old I guess....LOL Thanks Lunar for catching that


----------



## lynne2322 (Feb 7, 2008)

captainron276 said:


> A lot of folks have used Revo to remove stubborn programs. Use the Free version. Create a System Restore point just to be safe.
> 
> http://www.revouninstaller.com/revo_uninstaller_free_download.html


Hi captainron276..
Thank you so much for answering my SOS, I tried to download Revo and my browsers will not allow me to search. I did rent a New computer today and am going to try to fix my Vista machine. Will probably be calling on you again when I can get in. I have a feeling there is more wrong than just removing Charter Suite.
Thanks again for your info, I will definitely keep it for help with Vista, and my new computer.


----------



## Cookiegal (Aug 27, 2003)

Lynne, you really should update the computer specs field in your profile here at TSG because it does say you're running XP and helpers rely on that to provide the correct assistance. Thanks.


----------



## lynne2322 (Feb 7, 2008)

Cookiegal said:


> Lynne, you really should update the computer specs field in your profile here at TSG because it does say you're running XP and helpers rely on that to provide the correct assistance. Thanks.


Thank you so much for the reminder. I did update it and I can see where the tech would rely on the information I produce.
Lynne


----------



## Cookiegal (Aug 27, 2003)

Thanks for updating it Lynne.


----------



## lynne2322 (Feb 7, 2008)

lynne2322 said:


> Hi captainron276..
> Thank you so much for answering my SOS, I tried to download Revo and my browsers will not allow me to search. I did rent a New computer today and am going to try to fix my Vista machine. Will probably be calling on you again when I can get in. I have a feeling there is more wrong than just removing Charter Suite.
> Thanks again for your info, I will definitely keep it for help with Vista, and my new computer.


Hi...
I finally got Revo downloaded and ran it, It did not remove the Charter Suite; so I was wondering if I should run it under another selection. I ran it "Moderate-and that leaves "Built-in, Safe, Advanced" But wasn't sure which one to run. I think it makes sense to me that Charter should remove their Key from the application, but charter says that isn't necessary. Your thoughts please.
Lynne


----------



## captainron276 (Sep 11, 2010)

Lynne,

Maybe on of the Tech's will be able to advise you further. I am not familiar with Charter and was hoping that the default settng of Revo would help you out.


----------



## Cookiegal (Aug 27, 2003)

Did you try using their removal tool?

You should always try using the Control Panel method first and then run the tool afterwards.

http://www.myaccount.charter.com/customers/supportgeneral.aspx?pagetype=11


----------



## lynne2322 (Feb 7, 2008)

Cookiegal said:


> Did you try using their removal tool?
> 
> You should always try using the Control Panel method first and then run the tool afterwards.
> 
> http://www.myaccount.charter.com/customers/supportgeneral.aspx?pagetype=11


Hello...
I have used their removal tool about 20 times before calling Charter techs. I've also tried going into Safe mode and that will not work. Charter Tech has tried many times to help also. We are all exacerbated, because we had no success. But I need to get it off, so I can download a different one. It won't let me download another one until it's gone.
Thanks for all the help. I'm still open to try anything.
Lynne


----------



## Cookiegal (Aug 27, 2003)

Which anti-virus were you trying to install and what message did you get that Charter was still on the machine?


----------



## Cookiegal (Aug 27, 2003)

Please download the Event Viewer Tool by Vino Rosso *VEW* and save it to your Desktop:


Double-click *VEW.exe*

Under "Select log to query", select:

*Application*
*System*

Under "Select type to list", select:

*Error*

Click the radio button for "Number of events"
Type *10* in the 1 to 20 box 
Then click the *Run* button.

Notepad will open with the output log. Please copy and paste the contents here.


----------



## lynne2322 (Feb 7, 2008)

Cookiegal said:


> Which anti-virus were you trying to install and what message did you get that Charter was still on the machine?


When I uninstall Charter Suite, and after computer restarts I go to "Programs and Features" and Charter Suite is still there. 
I thought I would download and install AVGFree if I can get Charter Suite off. I liked Charter Suite for 10 years, but lately it keeps telling me that the antivirus has not been updated for 29 days. I never updated, Charter takes care of that, and when I tried manually it will not let me update.
Lynne


----------



## captainron276 (Sep 11, 2010)

Ahhh, glad to see Cookiegal in here helping you out Lynne She will get to the bottom of this for you.


----------



## Cookiegal (Aug 27, 2003)

Please download DDS by sUBs to your desktop from the following location:

http://download.bleepingcomputer.com/sUBs/dds.scr

Double-click the *dds.scr* file to run the program.

It will automatically run in silent mode and then you will see the following note:

*"Two logs shall be created on your Desktop".*

The logs will be named *dds.txt* and *attach.txt*.

Wait until the logs appear and then copy and paste their contents in your post.


----------



## Cookiegal (Aug 27, 2003)

Also, please run the tool I asked you to run previously. That will show us if there are any errors in the Event Viewer related to this.


----------



## captainron276 (Sep 11, 2010)

Bump


----------



## Cookiegal (Aug 27, 2003)

Captain,

"Bumping" is reserved for the original poster. If YOU are waiting for a response from them then it would be appropriate to post something asking if they have done what you suggested or still need help, etc. but please do not "bump" other people's threads. Thanks for understanding.


----------



## captainron276 (Sep 11, 2010)

Understood Cookiegal  Sorry


----------



## Cookiegal (Aug 27, 2003)

captainron276 said:


> Understood Cookiegal  Sorry


Thanks. No problem.


----------



## lynne2322 (Feb 7, 2008)

Cookiegal said:


> Also, please run the tool I asked you to run previously. That will show us if there are any errors in the Event Viewer related to this.


Hi Cookiegal...
I do have both of the programs you ask me to download on my desk top. I am going to run them tonight and will touch base with you again in the morning.
Thanks 
Lynne


----------



## lynne2322 (Feb 7, 2008)

Cookiegal said:


> Also, please run the tool I asked you to run previously. That will show us if there are any errors in the Event Viewer related to this.


Hi Cookiegal...
I do have both of the programs you ask me to download on my desk top. I am going to run them tonight and will touch base with you again in the morning.
Thanks 
Lynne


----------



## lynne2322 (Feb 7, 2008)

Cookiegal...
What do I tic (check) on the VEW application.
Lynne


----------



## lynne2322 (Feb 7, 2008)

I hope I did this right??

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 1.6.0_39
Run by Lynne at 23:23:56 on 2013-02-21
Microsoft® Windows Vista Home Premium 6.0.6002.2.1252.1.1033.18.3070.1581 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Charter Security Suite 9.01 *Enabled/Outdated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Charter Security Suite 9.01 *Enabled/Outdated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Charter Security Suite 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\FSGK32.EXE
C:\Program Files\Charter High-Speed Security Suite\Common\FSHDLL32.EXE
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\TOSHIBA\IVP\ISM\pinger.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\System32\rpcnetp.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
C:\Program Files\Common Files\aol\1268103784\ee\aolsoftware.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fssm32.exe
C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe
C:\Program Files\Charter High-Speed Security Suite\ORSP Client\fsorsp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsav32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\goodsol\goodsol.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
C:\Windows\System32\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://blekko.com/ws/?source={SourceID}&toolbarid=TOOLBARNAMESPACE&u=USERGUID&tbp=homepage
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
dURLSearchHooks: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Pando Toolbar: {EC8677A0-C3EE-42e1-B85B-3FCE1728F6BA} - c:\program files\pandotb\pandodx.dll
TB: Pando Toolbar: {EC8677A0-C3EE-42e1-B85B-3FCE1728F6BA} - c:\program files\pandotb\pandodx.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PCMAgent] "c:\program files\cyberlink\powercinema for toshiba\PCMAgent.exe"
mRun: [CLMLServer] "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\CLMLSvc.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [F-Secure Manager] "c:\program files\charter high-speed security suite\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\charter high-speed security suite\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [HostManager] c:\program files\common files\aol\1268103784\ee\AOLSoftware.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Anti-phishing Domain Advisor] "c:\programdata\anti-phishing domain advisor\visicom_antiphishing.exe"
mRun: [EfficientAddressBookFree] <no file>
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
LSP: c:\program files\charter high-speed security suite\fsps\program\FSLSP.DLL
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 24.159.64.23 24.217.201.67 66.189.0.100
TCP: Interfaces\{84E5B98B-6828-40CB-805A-E830BA4F18AA} : DHCPNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\lynne\appdata\roaming\mozilla\firefox\profiles\4trvf6sb.default-1358554591160\
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-01-03 21:38; [email protected]; c:\program files\charter high-speed security suite\nrs\[email protected]
FF - ExtSQL: 2013-02-14 23:48; {87934c42-161d-45bc-8cef-ef18abe2a30c}; c:\users\lynne\appdata\roaming\mozilla\firefox\profiles\4trvf6sb.default-1358554591160\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2009-3-31 44240]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2013-2-14 64512]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\charter high-speed security suite\hips\drivers\fshs.sys [2009-3-31 68064]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-3-31 36792]
R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-3-31 73160]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\charter high-speed security suite\anti-virus\minifilter\fsvista.sys [2009-3-31 12384]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-7-3 116608]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2007-12-25 40960]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\charter high-speed security suite\anti-virus\fsgk32st.exe [2009-3-31 215648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-11-3 2152720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDART.sys [2008-2-1 187904]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\charter high-speed security suite\anti-virus\minifilter\fsgk.sys [2009-3-31 144440]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\charter high-speed security suite\orsp client\fsorsp.exe [2009-3-31 61088]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-11-3 15232]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-1-15 48472]
R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2007-4-9 8192]
RUnknown rpcnetp;rpcnetp; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\Safari.exe="c:\program files\safari\Safari.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-02-22 01:23:43 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7f8af146-7be5-4a65-b14e-aae0596b1e48}\offreg.dll
2013-02-22 01:00:18 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2013-02-22 00:59:57 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2013-02-19 21:55:08 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7f8af146-7be5-4a65-b14e-aae0596b1e48}\mpengine.dll
2013-02-17 03:50:39 -------- d-----w- c:\program files\VS Revo Group
2013-02-15 04:49:46 -------- d-----w- c:\users\lynne\appdata\local\adaware
2013-02-15 04:48:45 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2013-02-15 04:48:18 -------- d-----w- c:\program files\adawaretb
2013-02-15 04:47:58 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2013-02-15 00:42:30 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-15 00:42:30 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-14 23:55:40 -------- d-----w- C:\8322ef326b53ed79d027c703
2013-02-14 23:54:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-14 23:54:02 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-14 23:54:02 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2013-02-14 23:54:02 149528 ----a-w- c:\program files\internet explorer\sqmapi.dll
2013-02-14 23:54:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-14 23:54:00 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2013-02-14 23:54:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-14 23:53:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-14 23:53:58 757280 ----a-w- c:\program files\internet explorer\iexplore.exe
2013-02-14 23:53:58 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2013-02-14 23:53:57 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2013-02-14 23:53:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-14 23:53:42 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-14 00:22:32 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 00:22:22 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-14 00:22:12 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 00:21:57 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 00:21:56 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-04 23:30:06 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2013-02-04 23:30:05 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2013-02-04 23:30:04 588728 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2013-02-04 23:30:04 43960 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2013-02-04 23:30:04 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2013-02-04 23:30:04 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2013-02-04 23:30:03 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2013-02-04 23:30:03 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2013-02-04 23:30:03 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
.
==================== Find3M ====================
.
2013-02-20 23:48:51 44544 ----a-w- c:\windows\system32\agremove.exe
2013-01-17 06:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-15 21:56:10 477616 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-15 21:56:07 473520 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 23:25:15.96 ===============

ATTACH text
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 5/1/2008 1:20:45 PM
System Uptime: 2/21/2013 7:59:39 PM (4 hours ago)
.
Motherboard: TOSHIBA | | Satellite P305
Processor: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz | U2E1 | 1833/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 231 GiB total, 153.844 GiB free.
D: is CDROM (CDFS)
E: is FIXED (FAT32) - 149 GiB total, 133.853 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1329: 1/29/2013 5:48:13 PM - Scheduled Checkpoint
RP1330: 1/30/2013 9:02:04 AM - Windows Update
RP1331: 2/3/2013 9:46:50 PM - Scheduled Checkpoint
RP1332: 2/4/2013 12:46:03 PM - Scheduled Checkpoint
RP1333: 2/5/2013 12:39:31 PM - Windows Update
RP1334: 2/7/2013 10:38:36 PM - Scheduled Checkpoint
RP1335: 2/8/2013 4:02:07 PM - Windows Update
RP1336: 2/10/2013 3:21:32 PM - Removed Adobe Reader 8.1.2
RP1337: 2/13/2013 7:17:37 PM - Windows Update
RP1338: 2/14/2013 6:46:45 PM - Windows Update
RP1339: 2/14/2013 11:36:52 PM - Installed Ad-Aware
RP1340: 2/14/2013 11:47:26 PM - Installed Ad-Aware
RP1341: 2/16/2013 1:45:50 PM - Scheduled Checkpoint
RP1342: 2/17/2013 5:59:51 PM - Scheduled Checkpoint
RP1344: 2/17/2013 6:21:52 PM - Revo Uninstaller's restore point - Charter Security Suite
RP1345: 2/19/2013 12:39:13 AM - Scheduled Checkpoint
RP1346: 2/19/2013 4:53:29 PM - Windows Update
RP1347: 2/20/2013 10:00:41 PM - Scheduled Checkpoint
RP1348: 2/21/2013 11:06:48 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
7-Zip 4.57
Ad-Aware Security Toolbar
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Anti-phishing Domain Advisor
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
Bluetooth Stack for Windows by Toshiba
Bonjour
BrainsBreaker 4.11(001)
BrainsBreaker additional puzzles
Camera Assistant Software for Toshiba
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Dutch
CCC Help English
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Portuguese
CCC Help Spanish
CCC Help Swedish
CCScore
CD/DVD Drive Acoustic Silencer
Charter Security Suite
Christmas Wonderland 1.00
Conexant HD Audio
CyberLink PowerCinema for TOSHIBA
D3DX10
DVD MovieFactory for TOSHIBA
Efficient Address Book Free 3.0
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSTOOLS
essvatgt
EULAlyzer 2.0
F-Secure PSC Prerequisites
GearDrvs
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) PROSet/Wireless Software
Intel® Matrix Storage Manager
IrfanView (remove only)
iTunes
Java Auto Updater
Java(TM) 6 Update 3
Java(TM) 6 Update 39
Kodak EasyShare software
Livebrush Lite
Many Years Ago
Marvell Miniport Driver
mCorev32.ism_new
mCPlug
Memeo AutoBackup
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Web Components
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Mihov Image Resizer (remove only)
Minos album v2.6.9.303
mMHouse
MobileMe Control Panel
Mozilla Firefox 12.0 (x86 en-US)
mPfMgr
MSVCRT
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
netbrdg
NetWaiting
Norton 360
NTI Shadow 3
O2Micro Flash Memory Card Reader Driver (x86)
OfotoXMI
OGA Notifier 2.0.0048.0
Pando
Picasa 3
Pretty Good Solitaire version 13.2.0
QuickTime
RarMonkey
RegTool
Revo Uninstaller 1.94
RTC Client API v1.2
Safari
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Segoe UI
SFR
SHASTA
skin0001
Skins
SKINXSDK
Sony Picture Utility
staticcr
StuffIt Expander
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Games
TOSHIBA Hardware Setup
Toshiba Registration
TOSHIBA SD Memory Utilities
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
Trogladite Software SendTo 1.6
Uninstall AOL Emergency Connect Utility 1.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 0.9.2
VPRINTOL
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Encoder 9 Series
WinRAR archiver
WinX DVD Ripper Platinum 5.1.1
WIRELESS
Yippy
.
==== End Of File ===========================



Cookiegal said:


> Please download DDS by sUBs to your desktop from the following location:
> 
> http://download.bleepingcomputer.com/sUBs/dds.scr
> 
> ...


----------



## Cookiegal (Aug 27, 2003)

lynne2322 said:


> Cookiegal...
> What do I tic (check) on the VEW application.
> Lynne



Under "Select log to query", select:

*Application*
*System*

Under "Select type to list", select:

*Error*

Click the radio button for "Number of events"
Type *10* in the 1 to 20 box 
Then click the *Run* button.


----------



## Cookiegal (Aug 27, 2003)

Please uninstall the following via the Control Panel:

Ad-Aware Security Toolbar
F-Secure PSC Prerequisites
Norton 360

Then download and run the Norton removal tool:

https://support.norton.com/sp/en/us/home/current/solutions/kb20080710133834EN_EndUserProfile_en_us

After the tool has run please be sure the system is rebooted.

Than see if you can uninstall Charter via the Control Panel. If that seems to be successful, follow it up by running the Charter removal tool as well then reboot.


----------



## lynne2322 (Feb 7, 2008)

Cookiegal said:


> Under "Select log to query", select:
> 
> *Application*
> *System*
> ...


Then do I come back and post the results here.
Will the results post to my desk top as the dde and Vew did?
BTW should included "Quote message in reply?" each time.
Lynne


----------



## Cookiegal (Aug 27, 2003)

Notepad should open automatically with the log so you just have to copy/paste the contents here.

No, it's not necessary to use the quote button to quote my posts.


----------



## lynne2322 (Feb 7, 2008)

Well, I'm not sure what this is: but here is what I got when I run VEW marked as you suggested.

Run time error "75"
Path file access error. 
OK button


----------



## Cookiegal (Aug 27, 2003)

Right-click the vew.exe file and select "Run as Administrator". That should get it to work.


----------



## lynne2322 (Feb 7, 2008)

VEW report.
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 22/02/2013 5:36:19 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/02/2013 6:24:25 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 22/02/2013 6:24:22 PM
Type: Error Category: 0
Event: 103 Source: FSecure-FSecure-F-Secure DeepGuard
1 2013-02-22 13:24:22-04:00 lynne-pc SYSTEM F-Secure DeepGuard DeepGuard configuration was rejected. Old configuration will be used if possible. Error code: XML parse failed 

Log: 'Application' Date/Time: 22/02/2013 5:03:18 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application AAWService.exe, version 9.0.0.0, time stamp 0x4fbb5c7b, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0xd99c858b, process id 0x1540, application start time 0x01ce1098a964ebf1.

Log: 'Application' Date/Time: 22/02/2013 4:06:58 AM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed

System Error:
The system cannot find the file specified. .

Log: 'Application' Date/Time: 22/02/2013 1:04:59 AM
Type: Error Category: 0
Event: 0 Source: Lavasoft Ad-Aware Service
The event description cannot be found.

Log: 'Application' Date/Time: 22/02/2013 1:00:29 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 22/02/2013 1:00:26 AM
Type: Error Category: 0
Event: 103 Source: FSecure-FSecure-F-Secure DeepGuard
1 2013-02-21 20:00:26-04:00 lynne-pc SYSTEM F-Secure DeepGuard DeepGuard configuration was rejected. Old configuration will be used if possible. Error code: XML parse failed 

Log: 'Application' Date/Time: 20/02/2013 11:46:15 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 20/02/2013 11:46:03 PM
Type: Error Category: 0
Event: 103 Source: FSecure-FSecure-F-Secure DeepGuard
1 2013-02-20 18:46:03-04:00 lynne-pc SYSTEM F-Secure DeepGuard DeepGuard configuration was rejected. Old configuration will be used if possible. Error code: XML parse failed 

Log: 'Application' Date/Time: 20/02/2013 3:13:14 AM
Type: Error Category: 0
Event: 103 Source: FSecure-FSecure-F-Secure DeepGuard
1 2013-02-19 22:13:14-04:00 lynne-pc SYSTEM F-Secure DeepGuard DeepGuard configuration was rejected. Old configuration will be used if possible. Error code: XML parse failed 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/06/2008 2:12:00 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 7:31:45 PM on 6/24/2008 was unexpected.

Log: 'System' Date/Time: 24/06/2008 8:06:03 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 24/06/2008 8:05:50 PM
Type: Error Category: 0
Event: 15016 Source: Microsoft-Windows-HttpEvent
Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.

Log: 'System' Date/Time: 24/06/2008 7:53:06 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 24/06/2008 7:52:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 24/06/2008 7:52:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 24/06/2008 7:52:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 24/06/2008 7:52:57 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AFD DfsC FSES FSFW NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx Wanarpv6 ws2ifsl

Log: 'System' Date/Time: 24/06/2008 7:52:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

Log: 'System' Date/Time: 24/06/2008 7:52:57 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.


----------



## Cookiegal (Aug 27, 2003)

OK, please follow the instructions in post no. 28 now.

When running the removal tools (both Norton and F-Secure) be secure to right-click them and select "Run as Administrator".


----------



## lynne2322 (Feb 7, 2008)

Hi Cookiegal...
I don't know what you mean here, I'm sorry I'm not more techie.
Which is the tech tool. and I don't have Nortons, just F-Secire.
Please identify for me the tech tool. I'm sure it's one of the items you
sent me, but I don't know which.
Lynne


----------



## Cookiegal (Aug 27, 2003)

Your Programs list is showing Norton 360.

Please read post no. 28. Everything you need is there.


----------



## lynne2322 (Feb 7, 2008)

Hi Cookiegal...

I tried going into the control panel, but found none of these there as: 1. Ad-Aware Security Toolbar, 2. F-Secure PSC Prerequisites, 3. Norton 360. So, I went into programs and features from the control panel and did find and removed Ad-Aware Security Toolbar, Could not find F-Secure PSC Prerequisites, or Norton 360.
I do remember Charter sent me to Programs and Features when they were trying to remove Charter Suite.
I also did a search from Features and programs for: F-Secure PSC Prerequisites, and Norton 360, but could find neither. 
I did not download the Norton removal tool yet, wanted to hear from you first.

AdAwae Security Toolbar is gone.
Lynne


----------



## Cookiegal (Aug 27, 2003)

Please go ahead and download and run the Norton Removal tool. Then reboot the machine.

Then see if you can uninstall Charter.


----------



## lynne2322 (Feb 7, 2008)

Hi CookieGal...

I download the Norton tool removal, and here is my choices they list. Below.
Since my "Charter Suite" isn't listed, I think we should go ahead and check the 3rd one dow. ( Norton Secirotu Suite Or Norton Business Suite. What do you say? I just didn't want to mess it up now with all the time and work you have invested in it.
Lynne

{Norton product

Download Norton Removal Tool to remove a failed installation or a damaged Norton product.

The Norton Removal Tool uninstalls Norton AntiVirus, Norton Internet Security, Norton 360, and Norton SystemWorks 12.0 from your computer. If you use ACT! or WinFAX, back up those databases before you proceed.
Download Norton Removal Tool

The steps to download and run the Norton Removal Tool differ depending on what product you have.
Choose your product:
I have a Norton product that was purchased from my service provider
I have Norton AntiVirus, Norton Internet Security, or Norton 360
I have Norton Security Suite or Norton Business Suite
I have Norton SystemWorks 12.0
I have Norton Ghost or Norton Save & Restore
I have pcAnywhere or WinFax

This solution was previously published as KB 2001111912274039.}


----------



## captainron276 (Sep 11, 2010)

Lynne2322,



> Your Programs list is showing Norton 360.


Since Cookiegal mentioned this is the one showing, I would go ahead and download your second choice.


----------



## Cookiegal (Aug 27, 2003)

Yup. This is not to remove Charter, it's to remove any remnants of Norton 360 so this is the one to choose:

*I have Norton AntiVirus, Norton Internet Security, or Norton 360*


----------



## lynne2322 (Feb 7, 2008)

Well, I did download the Norton Internet Security, or Norton 360 tool, right clicked, selected Run as Administrator, and upon completion of the run, restarted as stated. 
Cookiegal advised me to go back after the reboot and Uninstall Charter Suite which I did and then restarted again.
But, to my dismay Charter Suite is still there. I was disappointed I thought it would be gone. 
Any more suggestions. Thanks to all who has help me with all this.
Lynne


----------



## Cookiegal (Aug 27, 2003)

I just realized there were other components of Ad-Aware running that may still be interfering so please do this.

Click the Start button then All Programs then Accessories and finally Command Prompt then type in the following at the command prompt:

*SC Stop "Lavasoft Ad-Aware Service"*

Then press *Enter*

Type:

*SC Delete "Lavasoft Ad-Aware Service"*

Then press *Enter*

Type:

*SC Stop Lavasoft Kernexplorer*

Press *Enter*

Type:

*SC Delete Lavasoft Kernexplorer*

Press *Enter*

Type:

*Exit*

Then please delete this folder:

c:\program files\*lavasoft*

After doing the above please reboot the machine then see if you can uninstall Charter.


----------



## lynne2322 (Feb 7, 2008)

Hi Cookiegal...
You are right, I removed Ad-Aware; but when I log on I still get a message that Ad-Aware is trying to update, so I deny it.
Also below is what I got when trying to do the prompts you wanted me to. Is this OK or not?

[ SC] Openservice FAILED 1060:

The specific service does not exist as an installed service
C:/users/Lynne> SC STOP "Lavasoft Ad Adware Service

[SC] Open Service Failed 5:

Access is denied


----------



## Cookiegal (Aug 27, 2003)

You didn't include the closing quotation marks in the command. Please try again.


----------



## lynne2322 (Feb 7, 2008)

Sorry!
My second try below.
Is my forward leaning slash supposed to be a backward leaning?
Lynne:

C:/Users/Lynne>
C:/Users/Lynne> SC Stop "Lavasoft Ad-Aware Service" 
[SC] OpenService FAILED 5:

Access is denied.

C:/Users/Lynne>SC Delete "Lavasoft Ad-Adware Service"
[SC] OpenService FAILED 5:
Access is denied.
C:/Users/Lynne>


----------



## Cookiegal (Aug 27, 2003)

Yes they should be backward slashes. Are you typing C:/Users/Lynne> or is that what you actually see there? I forgot to include the instructions for elevated privileges so please try this:

Click the Start button then All Programs then Accessories and then right click on Command Prompt and select "Run as Administrator" to open a command prompt. Then try the commands again please.


----------



## lynne2322 (Feb 7, 2008)

Yes, I am typing all of what you see I tried to copy and paste but is wouldn't let me. I had to hand write it out then copy it to a new E mail. 
What's with the backward/ forward slash, all I see is the one I used; the question mark slash key.??
Off to try elevated privileges will let you know.



Yes they should be backward slashes. Are you typing C:/Users/Lynne> or is that what you actually see there? I forgot to include the instructions for elevated privileges so please try this:


----------



## Cookiegal (Aug 27, 2003)

Let's see what elevated privileges does. If that doesn't work, I'd like you to post a screenshot of what you see when you open a command prompt.


----------



## lynne2322 (Feb 7, 2008)

You said you forgot to include instructions for "elevated privileges" Where do I find that; or are you going to give me instructions?
Lynne

I forgot to include the instructions for elevated privileges so please try this:


----------



## Cookiegal (Aug 27, 2003)

Cookiegal said:


> Click the Start button then All Programs then Accessories and then right click on Command Prompt and select "Run as Administrator" to open a command prompt. Then try the commands again please.


As stated in post no. 47.


----------



## lynne2322 (Feb 7, 2008)

Hi Cookiegal..
Here is the command prompt in "Run as Administratior"

Copyright (c) 2006 Microsoft Corporation. All rights reserved.
* 
C:/Windows/system32>sc STOP "Lavasoft Ad-Aware Service"

SERVICE NAME: LAVASOFT Ad-Aware Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 3 STOP-PENDING
(STOPPABLE, NOT_PAUSABLE.ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)a
CHECKPOINT : 0x2
WAIT_HINE : 0x0
C:/Windows/system32> SC DELETE "Lavasoft Ad-Aware Service"
[SC] DeleteService SUCCESS
C:/Windows/system32>SC Stop Lavasoft kernexplorer
[SC] DeleteService FAILED 1060:
The specified service does not exist as an installed service.*


----------



## Cookiegal (Aug 27, 2003)

Please run DDS again and post just the dds.txt log.


----------



## lynne2322 (Feb 7, 2008)

Hi Cookiegal

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 1.6.0_39
Run by Lynne at 15:38:12 on 2013-02-27
Microsoft® Windows Vista Home Premium 6.0.6002.2.1252.1.1033.18.3070.1990 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Charter Security Suite 9.01 *Enabled/Outdated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Charter Security Suite 9.01 *Enabled/Outdated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Charter Security Suite 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\FSGK32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSHDLL32.EXE
C:\TOSHIBA\IVP\ISM\pinger.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
C:\Program Files\Common Files\aol\1268103784\ee\aolsoftware.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fssm32.exe
C:\Program Files\AOL Desktop 9.6\waol.exe
C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\AOL Desktop 9.6\shellmon.exe
C:\Program Files\Charter High-Speed Security Suite\ORSP Client\fsorsp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsav32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://blekko.com/ws/?source={SourceID}&toolbarid=TOOLBARNAMESPACE&u=USERGUID&tbp=homepage
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
dURLSearchHooks: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - 
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Pando Toolbar: {EC8677A0-C3EE-42e1-B85B-3FCE1728F6BA} - c:\program files\pandotb\pandodx.dll
TB: Pando Toolbar: {EC8677A0-C3EE-42e1-B85B-3FCE1728F6BA} - c:\program files\pandotb\pandodx.dll
uRun: [AOL Fast Start] "c:\program files\aol desktop 9.6\AOL.EXE" -b
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PCMAgent] "c:\program files\cyberlink\powercinema for toshiba\PCMAgent.exe"
mRun: [CLMLServer] "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\CLMLSvc.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [F-Secure Manager] "c:\program files\charter high-speed security suite\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\charter high-speed security suite\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [HostManager] c:\program files\common files\aol\1268103784\ee\AOLSoftware.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Anti-phishing Domain Advisor] "c:\programdata\anti-phishing domain advisor\visicom_antiphishing.exe"
mRun: [EfficientAddressBookFree] <no file>
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
LSP: c:\program files\charter high-speed security suite\fsps\program\FSLSP.DLL
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 24.159.64.23 24.217.201.67 24.177.176.38
TCP: Interfaces\{84E5B98B-6828-40CB-805A-E830BA4F18AA} : DHCPNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\lynne\appdata\roaming\mozilla\firefox\profiles\4trvf6sb.default-1358554591160\
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-01-03 21:38; [email protected]; c:\program files\charter high-speed security suite\nrs\[email protected]
FF - ExtSQL: 2013-02-18 00:52; {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2009-3-31 44240]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2013-2-14 64512]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\charter high-speed security suite\hips\drivers\fshs.sys [2009-3-31 68064]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-3-31 36792]
R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-3-31 73160]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\charter high-speed security suite\anti-virus\minifilter\fsvista.sys [2009-3-31 12384]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-7-3 116608]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2007-12-25 40960]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\charter high-speed security suite\anti-virus\fsgk32st.exe [2009-3-31 215648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDART.sys [2008-2-1 187904]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\charter high-speed security suite\anti-virus\minifilter\fsgk.sys [2009-3-31 144440]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\charter high-speed security suite\orsp client\fsorsp.exe [2009-3-31 61088]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-1-15 48472]
R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2007-4-9 8192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\Safari.exe="c:\program files\safari\Safari.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-02-27 00:28:45 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{021e1a6e-6772-415a-a773-27f0c09415f4}\mpengine.dll
2013-02-27 00:05:58 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2013-02-27 00:05:34 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2013-02-17 03:50:39 -------- d-----w- c:\program files\VS Revo Group
2013-02-15 04:47:58 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2013-02-15 00:42:30 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-15 00:42:30 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-14 23:55:40 -------- d-----w- C:\8322ef326b53ed79d027c703
2013-02-14 23:54:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-14 23:54:02 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-14 23:54:02 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2013-02-14 23:54:02 149528 ----a-w- c:\program files\internet explorer\sqmapi.dll
2013-02-14 23:54:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-14 23:54:00 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2013-02-14 23:54:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-14 23:53:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-14 23:53:58 757280 ----a-w- c:\program files\internet explorer\iexplore.exe
2013-02-14 23:53:58 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2013-02-14 23:53:57 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2013-02-14 23:53:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-14 23:53:42 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-14 00:22:32 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 00:22:22 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-14 00:22:12 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 00:21:57 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 00:21:56 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-04 23:30:06 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2013-02-04 23:30:05 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2013-02-04 23:30:04 588728 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2013-02-04 23:30:04 43960 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2013-02-04 23:30:04 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2013-02-04 23:30:04 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2013-02-04 23:30:03 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2013-02-04 23:30:03 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2013-02-04 23:30:03 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
.
==================== Find3M ====================
.
2013-02-26 01:32:39 44544 ----a-w- c:\windows\system32\agremove.exe
2013-01-17 06:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-15 21:56:10 477616 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-15 21:56:07 473520 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 15:39:18.00 ===============


----------



## Cookiegal (Aug 27, 2003)

Try shutting down Charter completely. Make sure all other windows are closed. Then open up the Task Manager (Ctrl-Alt-Del) and highlight any of the following processes you see under "image Name" on the Processes Tab one at a time and then click on "End Process".

fsgk32st.exe
FSMA32.EXE
FSGK32.EXE
FSHDLL32.EXE
FSM32.EXE
fssm32.exe
fsdfwd.exe
fsorsp.exe
fsav32.exe


Once those no longer appear in the list try uninstall Charter via the Control Panel first and then running the removal tool.


----------



## lynne2322 (Feb 7, 2008)

Hi Cookiegal...
I can't shut down CharterSuite. I've talked to Charter Tech 2 time tonight and they send a link to try, but I don't know how to shut it down. Do you know how to shut it down.
I went through control but couldn't find anything that will work.
I'm going to keep trying.
Lynne


----------



## Cookiegal (Aug 27, 2003)

What link did they send you to try?

If you right-click the icon in the system tray is there no option to disable it or exit there?


----------



## lynne2322 (Feb 7, 2008)

Hi CookieGal..
Below is the link Charter sent me, but it did not work.

ftp://ftp.f-secure.com/support/tools/uitool/UninstallationTool.exe

Anyway in all the things I've tried to do, something removed CharterSuite from my system tray, but just now checked and CharterSuite is still on my laptop.
Hope this helps
Lynne


----------



## Cookiegal (Aug 27, 2003)

Please download *SystemLook* from one of the links below and save it to your Desktop.
*Download Mirror #1
Download Mirror #2*
Double-click *SystemLook.exe* to run it.
Copy the content of the following code box into the main text field:

```
:filefind
*ad-aware*
*lavasoft*
:folderfind
*lavasoft*
*Ad-aware*
:regfind
lavasoft
ad-aware
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found on your Desktop entitled *SystemLook.txt*


----------



## lynne2322 (Feb 7, 2008)

Hi...
Since Mirror 1, and 2 are download sites, and I'm not sure about my antivirus after the desk tray icon disappeared, do you think it's safe to download from these sites?
Thanks
Lynne


----------



## Cookiegal (Aug 27, 2003)

The downloads are safe. Isn't Charter still running though?


----------



## lynne2322 (Feb 7, 2008)

It says it is; but after all the uninstalls I've done I don't know, 
Lynne


----------



## Cookiegal (Aug 27, 2003)

I need to see if there are still remnants of Ad-Aware as that may be interfering.


----------



## lynne2322 (Feb 7, 2008)

Is this what you are looking for?

SystemLook 30.07.11 by jpshortstuff

Log created at 22:49 on 01/03/2013 by Lynne

Administrator - Elevation successful



========== filefind ==========



Searching for "*ad-aware*"


----------



## lynne2322 (Feb 7, 2008)

Sorry about the other post, I gave up too fast, But here is what you are looking for.

SystemLook 30.07.11 by jpshortstuff
Log created at 22:49 on 01/03/2013 by Lynne
Administrator - Elevation successful

========== filefind ==========

Searching for "*ad-aware*"
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe	--a---- 1895736 bytes	[17:06 03/11/2011]	[05:02 18/02/2013] 2F5E14E8E934898D23EA0532475F93F8
C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe	--a---- 1744312 bytes	[17:06 03/11/2011]	[17:06 03/11/2011] 98070A7FCE5B4AFB24A142C6F4C25CC1
C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareCommand.exe	--a---- 1250448 bytes	[05:02 18/02/2013]	[05:02 18/02/2013] 0BFD76B6F38CED2286E5FAD893694BA2
C:\Program Files\Lavasoft\Ad-Aware\Lavasoft Ad-Aware Manual.url	--a---- 175 bytes	[16:05 19/05/2011]	[16:05 19/05/2011] F9CEA9ED5BD1AE88AF13FE3D137B8F73
C:\ProgramData\Lavasoft\Ad-Aware\Update\Ad-Aware.exe	--a---- 1895736 bytes	[05:02 18/02/2013]	[05:02 18/02/2013] 2F5E14E8E934898D23EA0532475F93F8
C:\ProgramData\Lavasoft\Ad-Aware\Update\Ad-Aware.exe.compressed	--a---- 428102 bytes	[05:02 18/02/2013]	[05:02 18/02/2013] D9932E07D1CA1588FDFC73D77A361E33
C:\ProgramData\Lavasoft\Ad-Aware\Update\Ad-Aware.exe.to_be_patched	--a---- 1891048 bytes	[05:02 18/02/2013]	[17:06 03/11/2011] 60A68843F7A29195FF0CADAABD46973F
C:\ProgramData\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe	--a---- 1250448 bytes	[05:02 18/02/2013]	[05:02 18/02/2013] 0BFD76B6F38CED2286E5FAD893694BA2
C:\ProgramData\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe.compressed	--a---- 299969 bytes	[05:02 18/02/2013]	[05:02 18/02/2013] 67E8ACAA50B03330DFBC835BB6DE55C8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Ad-Aware Manual.lnk	--a---- 1862 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] 0A89A4FE8CEE85A07597E91829A0F5DF
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Ad-Aware Update.lnk	--a---- 1903 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] AE48C13D6A498DF3E90027B5E2FE56B6
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Ad-Aware.lnk	--a---- 932 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] 2AB8E728251D24878D43753ADFE07E5C
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Uninstall Ad-Aware.lnk	--a---- 687 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] 4053AABC12E0ADB674D7B572EC0F15A0
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report16d2e8b8\Ad-AwareAdmin.exe.hu.kdmp	--a--c- 55785070 bytes	[05:25 25/02/2013]	[05:25 25/02/2013] 0ED6C097FA8411DEC268E063F4187F13
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report16d2e8b8\Ad-AwareAdmin.exe.xml	--a--c- 4486 bytes	[05:25 25/02/2013]	[05:25 25/02/2013] EC8C7AFF4119B64E8A7E7FF746953657
C:\Users\All Users\Lavasoft\Ad-Aware\Update\Ad-Aware.exe	--a---- 1895736 bytes	[05:02 18/02/2013]	[05:02 18/02/2013] 2F5E14E8E934898D23EA0532475F93F8
C:\Users\All Users\Lavasoft\Ad-Aware\Update\Ad-Aware.exe.compressed	--a---- 428102 bytes	[05:02 18/02/2013]	[05:02 18/02/2013] D9932E07D1CA1588FDFC73D77A361E33
C:\Users\All Users\Lavasoft\Ad-Aware\Update\Ad-Aware.exe.to_be_patched	--a---- 1891048 bytes	[05:02 18/02/2013]	[17:06 03/11/2011] 60A68843F7A29195FF0CADAABD46973F
C:\Users\All Users\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe	--a---- 1250448 bytes	[05:02 18/02/2013]	[05:02 18/02/2013] 0BFD76B6F38CED2286E5FAD893694BA2
C:\Users\All Users\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe.compressed	--a---- 299969 bytes	[05:02 18/02/2013]	[05:02 18/02/2013] 67E8ACAA50B03330DFBC835BB6DE55C8
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Ad-Aware Manual.lnk	--a---- 1862 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] 0A89A4FE8CEE85A07597E91829A0F5DF
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Ad-Aware Update.lnk	--a---- 1903 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] AE48C13D6A498DF3E90027B5E2FE56B6
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Ad-Aware.lnk	--a---- 932 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] 2AB8E728251D24878D43753ADFE07E5C
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Uninstall Ad-Aware.lnk	--a---- 687 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] 4053AABC12E0ADB674D7B572EC0F15A0
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report16d2e8b8\Ad-AwareAdmin.exe.hu.kdmp	--a--c- 55785070 bytes	[05:25 25/02/2013]	[05:25 25/02/2013] 0ED6C097FA8411DEC268E063F4187F13
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report16d2e8b8\Ad-AwareAdmin.exe.xml	--a--c- 4486 bytes	[05:25 25/02/2013]	[05:25 25/02/2013] EC8C7AFF4119B64E8A7E7FF746953657
C:\Users\Lynne\AppData\Local\Temp\AAWInstallerTemp\v9.6.0\Ad-Aware.msi	--ah--- 15544320 bytes	[17:08 03/11/2011]	[17:08 03/11/2011] EA5A6FC1C4C28B9AFB965C7E01DD1248
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\UTil 4 now\Ad-Aware.lnk	--a---- 978 bytes	[04:47 13/05/2010]	[04:33 20/05/2010] CCF0727BDA2E8C7E45EC097CA595D6AF
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\UTil 4 now\Ad-AwareInstall.exe	--a---- 128750008 bytes	[01:40 30/07/2010]	[01:41 30/07/2010] CA8DAAA68DD094D201FB5D6AB467CE82
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\UTil 4 now\Utilities2\Ad-AwareInstaller.exe	--a---- 97364760 bytes	[04:28 20/05/2010]	[04:28 20/05/2010] A2162244C42228FD857A2B7786B4DF9D
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\UTil 4 now\Utilities2\new\Ad-AwareInstaller.exe	--a---- 97364760 bytes	[23:44 19/02/2010]	[23:46 19/02/2010] A2162244C42228FD857A2B7786B4DF9D
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\UTil 4 now\Utilities2\New utilities\Ad-AwareInstallation.exe	--a---- 77086488 bytes	[22:44 14/10/2009]	[22:46 14/10/2009] A79004C06D357F9BD34BEDAFDE5A71AB
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\~Games\4 New Puzzles\~Done Already\FILE CAB\~Lynne\Downloads\Ad-Aware95Install.msi	--a---- 10268672 bytes	[02:58 31/08/2011]	[02:58 31/08/2011] A49C8C949068EA22BACDA5CB29CB5F23
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\~Lynne\Lynne\Lynne\Desktop\UTil 4 now\Ad-Aware.lnk	--a---- 978 bytes	[05:53 19/07/2010]	[04:33 20/05/2010] CCF0727BDA2E8C7E45EC097CA595D6AF
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\~Lynne\Lynne\Lynne\Desktop\Utilities2\Ad-AwareInstaller.exe	--a---- 97364760 bytes	[05:53 19/07/2010]	[04:28 20/05/2010] A2162244C42228FD857A2B7786B4DF9D
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\~Lynne\Lynne\Lynne\Desktop\Utilities2\new\Ad-AwareInstaller.exe	--a---- 97364760 bytes	[05:53 19/07/2010]	[23:46 19/02/2010] A2162244C42228FD857A2B7786B4DF9D
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\~Lynne\Lynne\Lynne\Desktop\Utilities2\New utilities\Ad-AwareInstallation.exe	--a---- 77086488 bytes	[05:53 19/07/2010]	[22:46 14/10/2009] A79004C06D357F9BD34BEDAFDE5A71AB
C:\Users\Lynne\Desktop\Utilities\Ad-Aware.lnk	--a---- 908 bytes	[14:47 07/11/2011]	[06:45 22/11/2011] 0EAB5799DDAA69E780A0316524B2A061
C:\Users\Lynne\Desktop\Utilities\Ad-Aware96Install.msi	--a---- 12021760 bytes	[14:52 07/11/2011]	[06:37 22/11/2011] 509F0ED75FFEF3D74A44B98DF1694265
C:\Windows\System32\Tasks\Ad-Aware Update (Weekly)	--a---- 3596 bytes	[23:27 19/02/2012]	[00:06 27/02/2013] ADDCDF1872029F70AFD131045B5BB34F

Searching for "*lavasoft*"
C:\Program Files\Lavasoft\Ad-Aware\Lavasoft Ad-Aware Manual.url	--a---- 175 bytes	[16:05 19/05/2011]	[16:05 19/05/2011] F9CEA9ED5BD1AE88AF13FE3D137B8F73
C:\Program Files\Lavasoft\Ad-Aware\Lavasoft Homepage.url	--a---- 79 bytes	[17:01 02/03/2011]	[17:01 02/03/2011] BF3ADFAE02ED4721BD3FF810F938893C
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Lavasoft Homepage.lnk	--a---- 1941 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] BEEC429D39DA585AE7374CD8E715F0A0
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Lavasoft Homepage.lnk	--a---- 1941 bytes	[04:48 15/02/2013]	[04:48 15/02/2013] BEEC429D39DA585AE7374CD8E715F0A0
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\UTil 4 now\Utilities2\Rogue List at Lavasoft...txt	--a---- 407 bytes	[11:31 03/12/2009]	[11:31 03/12/2009] 90BAD3A4918A14A8C59E3891FA103FA8
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\UTil 4 now\Utilities2\The Rogue List at Lavasoft...txt	--a---- 407 bytes	[11:25 03/12/2009]	[11:25 03/12/2009] 90BAD3A4918A14A8C59E3891FA103FA8
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\~Lynne\Lynne\Lynne\Desktop\Utilities2\Rogue List at Lavasoft...txt	--a---- 407 bytes	[05:53 19/07/2010]	[11:31 03/12/2009] 90BAD3A4918A14A8C59E3891FA103FA8
C:\Users\Lynne\Desktop\Desk Drawer\FILE CAB\~Lynne\Lynne\Lynne\Desktop\Utilities2\The Rogue List at Lavasoft...txt	--a---- 407 bytes	[05:53 19/07/2010]	[11:25 03/12/2009] 90BAD3A4918A14A8C59E3891FA103FA8

========== folderfind ==========

Searching for "*lavasoft*"
C:\Program Files\Lavasoft	d------	[08:58 23/02/2010]
C:\ProgramData\Lavasoft	d------	[23:24 10/06/2008]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft	d------	[23:24 10/06/2008]
C:\Users\All Users\Lavasoft	d------	[23:24 10/06/2008]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Lavasoft	d------	[23:24 10/06/2008]

Searching for "*Ad-aware*"
C:\Program Files\Lavasoft\Ad-Aware	d------	[04:47 15/02/2013]
C:\ProgramData\Lavasoft\Ad-Aware	d------	[04:47 15/02/2013]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware	d------	[04:47 15/02/2013]
C:\Users\All Users\Lavasoft\Ad-Aware	d------	[04:47 15/02/2013]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware	d------	[04:47 15/02/2013]

========== regfind ==========

Searching for "lavasoft"
[HKEY_CURRENT_USER\Software\Lavasoft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Lavasoft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftfirewall.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftpersonalfirewall.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftpersonallfirewall.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftupdate.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\lavasoftupdate.com]
[HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\Domains\lavasoftupdate.com]
[HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\EscDomains\lavasoftupdate.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\LavasoftShellExt]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}]
@="Lavasoft Shell Extension"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}\InprocServer32]
@="C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\LavasoftShellExt]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\LavasoftShellExt]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1CE668E6-8DCB-43A1-AEA3-6A012ADBBC76}\1.0\0\win32]
@="C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1CE668E6-8DCB-43A1-AEA3-6A012ADBBC76}\1.0\HELPDIR]
@="C:\Program Files\Lavasoft\Ad-Aware"
[HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\HIPS\Gemini]
"\\?\c:\program files\lavasoft\ad-aware\dbghelp.dll"="1045128d,1243020502d,0d,1d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\HIPS\Gemini]
"\\?\c:\program files\lavasoft\ad-aware\shellext.dll"="493344d,1243020178d,0d,1d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\HIPS\Gemini]
"\\?\c:\program files\lavasoft\ad-aware\resources.dll"="1645912d,1243020179d,0d,1d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\HIPS\MStrings]
"\\?\c:\program files\lavasoft\ad-aware\dbghelp.dll"="1045128d,1243020502d,0d,1d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Lavasoft\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Lavasoft\Ad-Aware\update\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Lavasoft\Ad-Aware\logs\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Email Scanner\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Toolbox\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Drivers\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Lavasoft\Ad-Aware\Defs\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Resources\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Languages\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01990BEDB54F54246927567692F3F459]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\lbd.inf"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\041F518945635C9499BF3CDA8D27A027]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\lbd.inf"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\047D6FFAE58C7E649B78345FFA677190]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\DIFxAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12E665E76F9E0F04FBDAB86ADD0B0D89]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\DIFxAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\13CA3A552D52F9F4CBE1EC6B54FD8A40]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\sbap.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\147A93A2B17D3CA42A22F7D1B7F17BD8]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\SBRE.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\25BF8E45E0FC14E47A87D02A6FB9A61B]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\ProgramData\Lavasoft\Ad-Aware\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2A43890DF20E4654D8DD41D771937B0C]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Resources\default.egl"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2A757EFEE9E78FD4CA634538B68D65A7]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_fr-FR.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B20792C754A24F488ACDBE3758787E3]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="01:\Software\Lavasoft\Ad-Aware\Toolbox\installed"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2CD0E1BD7B44ED248BE132D42EEC1839]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E1A715D5C00DF74DB1061ADD95430CB]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\PrivacyClean.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32EA6412D22D6854EB29F24D4FAC5202]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Neutralize.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34FC6068DDAE1154AAF9D6403C9FD1A8]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\36F0F97C3715A6C42B88F75878C1EB79]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="01:\Software\Lavasoft\installed"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E42DB38CA8096A4B9A8DDF672F9E01D]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\unrar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42753A6676D3CC94CB8713D5840BAFCB]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\AAWDriverTool.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\453EFFEEBC32F5E42ABE52E884EEB8C4]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46AEC7C705127064690777AF1C86AA3E]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_en-US.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\491C237504CDF004484742F7E5A32E53]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Resources.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\555A1C561D430414D8C82623588B9157]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\lbd.sys"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B23324B56150D544A5C953C972B20C0]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Lavasoft Homepage.url"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0B3421EF15EDD4C8E1342BB33137D3]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\SBTE.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6D390B31A98F4544093CE96E64095757]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6E443418D14DBA64396A1A7FB3FC72D0]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\CEAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\72D56BB3E95F51E42A47E5D9BDD411FD]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\dbghelp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7539BDCBAD3BEE24EB880CC5765DF50F]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Lavasoft Ad-Aware Manual.url"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75F472393DE7DE240AEB576A4A6BAF45]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BC13EEA2AF5F144A83C6904AA3882AF]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BFBC8588742E1541BF830552B8F65DD]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Resources_64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7C37B73CB845E9D49A3A01713DB04286]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\AAWDriverTool.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\85FCC9B8DF3F88141A7559AE64B5A29A]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\lbd.sys"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\99511508817816B41A590FFC9E0E8630]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_it-IT.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2BADC5F9B53B154898764784DC26E8E]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\ProgramData\Lavasoft\Ad-Aware\Defs\pubkey.dat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8DD67944F013594491E904F9415B2A6]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_es-ES.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B3CF29ED434DDFD4281902B286F0B67A]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\lbd.cat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B961A0677C3689C4480B67B93D2697F5]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Viprebridge.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BBAFBD52E562E2B4C81D95CDE749A410]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\ProgramData\Lavasoft\Ad-Aware\Defs\core.aawdef"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C45442FD95932924383B8A1EA086F4EC]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="01:\Software\Lavasoft\Ad-Aware\installed"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C86637F7461C44D42806D5E33C6A08FA]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\lbd.cat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9609E762EB85149BF77CED709B954A]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDC138EBE4F02EE4E8F50D7A9C674214]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\rebrand.dat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D21BA43F4F4287E438158C603B5592D8]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3CCFE82F8127DF48B364B17AAACC49E]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\lavamessage.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD20AB0B7F5E5334F912577760A446C9]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_de-DE.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3FD3561FE77B6B42BC92F5C93B7D80A]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\UpdateManager.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E7D5A4E7FE02EF44AB5B7853F363D260]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\ProgramData\Lavasoft\Ad-Aware\Defs\cert.car"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EB96149D2D374A74CA1BF8F0B5727FDD]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="01:\Software\Lavasoft\Ad-Aware\installed"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F36A8C28F1DDC714D8F9786D7811D0C6]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\AWSCUpdate.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F84BF37A13D621C40988F00E773F33AD]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\lavalicense.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA7E9C5FD7C4C664387FC0D75B507075]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB62842B34513243952E60994E1551F]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftupdate.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\lavasoftupdate.com]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\controlset002\control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\controlset002\control\SafeBoot\Network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftupdate.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\lavasoftupdate.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Lavasoft]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Lavasoft]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftfirewall.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftpersonalfirewall.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftpersonallfirewall.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftupdate.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\lavasoftupdate.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\Domains\lavasoftupdate.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\EscDomains\lavasoftupdate.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000_Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\Domains\lavasoftupdate.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000_Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\EscDomains\lavasoftupdate.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftupdate.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\lavasoftupdate.com]

Searching for "ad-aware"
[HKEY_CURRENT_USER\Software\Lavasoft\Ad-Aware]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ad-Aware]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithList]
"c"="Ad-Aware.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Lavasoft\Ad-Aware]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-ad-aware.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-ad-aware.com]
[HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\Domains\download-ad-aware.com]
[HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\EscDomains\download-ad-aware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
@="Ad-Aware Security Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}\InprocServer32]
@="C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1CE668E6-8DCB-43A1-AEA3-6A012ADBBC76}\1.0\0\win32]
@="C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1CE668E6-8DCB-43A1-AEA3-6A012ADBBC76}\1.0\HELPDIR]
@="C:\Program Files\Lavasoft\Ad-Aware"
[HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\HIPS\Gemini]
"\\?\c:\program files\lavasoft\ad-aware\dbghelp.dll"="1045128d,1243020502d,0d,1d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\HIPS\Gemini]
"\\?\c:\program files\lavasoft\ad-aware\shellext.dll"="493344d,1243020178d,0d,1d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\HIPS\Gemini]
"\\?\c:\program files\lavasoft\ad-aware\resources.dll"="1645912d,1243020179d,0d,1d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Data Fellows\F-Secure\HIPS\MStrings]
"\\?\c:\program files\lavasoft\ad-aware\dbghelp.dll"="1045128d,1243020502d,0d,1d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Lavasoft\Ad-Aware\update\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Lavasoft\Ad-Aware\logs\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\Toolbox\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\Ad-Aware\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Drivers\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Lavasoft\Ad-Aware\Defs\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Resources\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Lavasoft\Ad-Aware\Languages\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01990BEDB54F54246927567692F3F459]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\lbd.inf"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\041F518945635C9499BF3CDA8D27A027]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\lbd.inf"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\047D6FFAE58C7E649B78345FFA677190]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\DIFxAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12E665E76F9E0F04FBDAB86ADD0B0D89]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\DIFxAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\13CA3A552D52F9F4CBE1EC6B54FD8A40]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\sbap.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\147A93A2B17D3CA42A22F7D1B7F17BD8]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\SBRE.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\25BF8E45E0FC14E47A87D02A6FB9A61B]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\ProgramData\Lavasoft\Ad-Aware\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2A43890DF20E4654D8DD41D771937B0C]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Resources\default.egl"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2A757EFEE9E78FD4CA634538B68D65A7]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_fr-FR.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B20792C754A24F488ACDBE3758787E3]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="01:\Software\Lavasoft\Ad-Aware\Toolbox\installed"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2CD0E1BD7B44ED248BE132D42EEC1839]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E1A715D5C00DF74DB1061ADD95430CB]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\PrivacyClean.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32EA6412D22D6854EB29F24D4FAC5202]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Neutralize.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E42DB38CA8096A4B9A8DDF672F9E01D]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\unrar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42753A6676D3CC94CB8713D5840BAFCB]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\AAWDriverTool.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\453EFFEEBC32F5E42ABE52E884EEB8C4]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46AEC7C705127064690777AF1C86AA3E]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_en-US.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\491C237504CDF004484742F7E5A32E53]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Resources.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\555A1C561D430414D8C82623588B9157]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\lbd.sys"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B23324B56150D544A5C953C972B20C0]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Lavasoft Homepage.url"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0B3421EF15EDD4C8E1342BB33137D3]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\SBTE.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6D390B31A98F4544093CE96E64095757]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6E443418D14DBA64396A1A7FB3FC72D0]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\CEAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\72D56BB3E95F51E42A47E5D9BDD411FD]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\dbghelp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7539BDCBAD3BEE24EB880CC5765DF50F]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Lavasoft Ad-Aware Manual.url"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75F472393DE7DE240AEB576A4A6BAF45]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BC13EEA2AF5F144A83C6904AA3882AF]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BFBC8588742E1541BF830552B8F65DD]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Resources_64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7C37B73CB845E9D49A3A01713DB04286]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\AAWDriverTool.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\85FCC9B8DF3F88141A7559AE64B5A29A]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\lbd.sys"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\99511508817816B41A590FFC9E0E8630]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_it-IT.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2BADC5F9B53B154898764784DC26E8E]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\ProgramData\Lavasoft\Ad-Aware\Defs\pubkey.dat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8DD67944F013594491E904F9415B2A6]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_es-ES.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B3CF29ED434DDFD4281902B286F0B67A]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\64\lbd.cat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B961A0677C3689C4480B67B93D2697F5]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Viprebridge.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BBAFBD52E562E2B4C81D95CDE749A410]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\ProgramData\Lavasoft\Ad-Aware\Defs\core.aawdef"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C45442FD95932924383B8A1EA086F4EC]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="01:\Software\Lavasoft\Ad-Aware\installed"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C86637F7461C44D42806D5E33C6A08FA]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Drivers\32\lbd.cat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9609E762EB85149BF77CED709B954A]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDC138EBE4F02EE4E8F50D7A9C674214]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\rebrand.dat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D21BA43F4F4287E438158C603B5592D8]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3CCFE82F8127DF48B364B17AAACC49E]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\lavamessage.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD20AB0B7F5E5334F912577760A446C9]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Languages\resource_de-DE.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3FD3561FE77B6B42BC92F5C93B7D80A]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\UpdateManager.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E7D5A4E7FE02EF44AB5B7853F363D260]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\ProgramData\Lavasoft\Ad-Aware\Defs\cert.car"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EB96149D2D374A74CA1BF8F0B5727FDD]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="01:\Software\Lavasoft\Ad-Aware\installed"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F36A8C28F1DDC714D8F9786D7811D0C6]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\AWSCUpdate.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F84BF37A13D621C40988F00E773F33AD]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\lavalicense.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA7E9C5FD7C4C664387FC0D75B507075]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB62842B34513243952E60994E1551F]
"7CF0D2391FD663142ACE61E6D8FE6D4A"="C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2306436940-2863512269-2261584765-1000\Components\607A2AA1CB949F94A9F19ADC941B9155]
"33478999A38F9064BB16DBE650A70266"="C:\Users\Lynne\AppData\Local\Temp\AAWInstallerTemp\v9.5.0\Ad-Aware.msi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2306436940-2863512269-2261584765-1000\Components\607A2AA1CB949F94A9F19ADC941B9155]
"335B6D338ED46694BB9916C58E3BA5D5"="C:\Users\Lynne\AppData\Local\Temp\AAWInstallerTemp\v9.6.0\Ad-Aware.msi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-ad-aware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-ad-aware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0D49E9D-6843-4B68-A6A2-14BB8701817D}]
"Path"="\Ad-Aware Update (Weekly)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Weekly)]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Lbd]
"Description"="Ad-Aware mini-filter driver"
[HKEY_LOCAL_MACHINE\SYSTEM\controlset002\control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\controlset002\control\SafeBoot\Network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Services\Lbd]
"Description"="Ad-Aware mini-filter driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Lbd]
"Description"="Ad-Aware mini-filter driver"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-ad-aware.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-ad-aware.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Lavasoft\Ad-Aware]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ad-Aware]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithList]
"c"="Ad-Aware.exe"
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Lavasoft\Ad-Aware]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-ad-aware.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-ad-aware.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\Domains\download-ad-aware.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000\Software\Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\EscDomains\download-ad-aware.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000_Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\Domains\download-ad-aware.com]
[HKEY_USERS\S-1-5-21-2306436940-2863512269-2261584765-1000_Classes\Software\Microsoft\Windows\CurrentVersion\internet settings\ZoneMap\EscDomains\download-ad-aware.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-ad-aware.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\download-ad-aware.com]

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

Please go * here* to download *HijackThis*.

Click on the button that says *Download Now EXE Version* and save the *HijackThis.exe* file to your desktop.
Double-click the * HijackThis.exe* file on your desktop to launch the program. If you get a security warning asking if you want to run this software because the publisher couldn't be verified click on Run to allow it.
Click on the *Scan* button. The scan will not take long and when it's finished the resulting log will open automatically in Notepad.
Click on the *Save log* button and save the log file to your desktop. Copy and paste the contents of the log in your post.
*Please do not fix anything with HijackThis unless you are instructed to do so. Most of what appears in the log will be harmless and/or necessary.*

Also, using HijackThis for a different type of report, please do the following:

Open HijackThis and click on the *Open Misc Tools section* button. Click on the *Open Uninstall Manager* button. Click the *Save List* button. Save the list then copy and paste it here.

and this as well:

Please open HijackThis.
Click on *Open Misc Tools Section*
Make sure that both boxes beside "Generate StartupList Log" are checked:

*List all minor sections(Full)*
*List Empty Sections(Complete)*
Click *Generate StartupList Log*.
Click *Yes* at the prompt.
It will open a text file. Please copy the entire contents of that page and paste it here.


----------



## lynne2322 (Feb 7, 2008)

Hi CookieGal..

Now I'm a bit confused; Does your post include 3 commands, to be done1 after the other; or am I going to do 1 command and report back to you before I precede with the other one ?
Thanks Lynne


----------



## Cookiegal (Aug 27, 2003)

There are three tasks to perform and post the logs in your next reply.


----------



## lynne2322 (Feb 7, 2008)

Hi CookieGal...

I have been very sick since last Thursday Feb 28th. And I haven't been able to be on the computer for a bit, but I hope you won't give up on me. As soon as I feel a bit better: i hope to do the run's you requested and get then back to you. 
Thanks for everything.
Lynne


----------



## Cookiegal (Aug 27, 2003)

I'm sorry to hear that and hope you feel better soon.

Take your time and post back when you feel up to it.


----------



## lynne2322 (Feb 7, 2008)

Hi Cookiegal...
Sorry about the long break. I was admitted to the hospital with the flu and pneumonia last Week and just got home today. Give me a few day to recoup and maybe we can finish this up.
Lynne


----------



## Cookiegal (Aug 27, 2003)

I'm sorry to hear that and hope you feel better soon. Take all the time you need. I'll be ready when you are.


----------



## lynne2322 (Feb 7, 2008)

Thanks!!


----------



## Cookiegal (Aug 27, 2003)

lynne2322 said:


> Thanks!!


You're welcome.


----------

