kim parrish
-
Content Count
16 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by kim parrish
-
-
All processes killed
========== OTL ==========
Error: No service named CAATT was found to stop!
Service\Driver key CAATT not found.
File C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe /n CAATT not found.
Error: No service named ATTRcAppSvc was found to stop!
Service\Driver key ATTRcAppSvc not found.
File C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe /n ATTRcAppSvc not found.
Error: No service named swmsflt was found to stop!
Service\Driver key swmsflt not found.
File C:\Windows\System32\drivers\swmsflt.sys not found.
Error: No service named PTUMWVsp was found to stop!
Service\Driver key PTUMWVsp not found.
File system32\DRIVERS\PTUMWVsp.sys not found.
Error: No service named PTUMWNET was found to stop!
Service\Driver key PTUMWNET not found.
File system32\DRIVERS\PTUMWNET.sys not found.
Error: No service named PTUMWMdm was found to stop!
Service\Driver key PTUMWMdm not found.
File system32\DRIVERS\PTUMWMdm.sys not found.
Error: No service named PTUMWFLT was found to stop!
Service\Driver key PTUMWFLT not found.
File system32\DRIVERS\PTUMWFLT.sys not found.
Error: No service named PTUMWCDF was found to stop!
Service\Driver key PTUMWCDF not found.
File system32\DRIVERS\PTUMWCDF.sys not found.
Error: No service named PTUMWBus was found to stop!
Service\Driver key PTUMWBus not found.
File system32\DRIVERS\PTUMWBus.sys not found.
Error: No service named PCTINDIS5 was found to stop!
Service\Driver key PCTINDIS5 not found.
File C:\Windows\system32\PCTINDIS5.SYS not found.
Error: No service named NwlnkFwd was found to stop!
Service\Driver key NwlnkFwd not found.
File system32\DRIVERS\nwlnkfwd.sys not found.
Error: No service named NwlnkFlt was found to stop!
Service\Driver key NwlnkFlt not found.
File system32\DRIVERS\nwlnkflt.sys not found.
Error: No service named IpInIp was found to stop!
Service\Driver key IpInIp not found.
File system32\DRIVERS\ipinip.sys not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}\ not found.
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}\ not found.
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}\ not found.
HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Internet Explorer\SearchScopes\{131B573A-C00D-82EC-098E-145BB127FA4F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{131B573A-C00D-82EC-098E-145BB127FA4F}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Internet Explorer\SearchScopes\{56AF48AF-2F9E-47FD-855C-07B02EEE9281}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56AF48AF-2F9E-47FD-855C-07B02EEE9281}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Internet Explorer\SearchScopes\{898691B5-789A-F88E-D09B-76CD111DD182}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898691B5-789A-F88E-D09B-76CD111DD182}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B5952A2E-8E58-45DF-A74A-23D5DC073215}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5952A2E-8E58-45DF-A74A-23D5DC073215}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
C:\Users\kim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\chrome folder moved successfully.
C:\Users\kim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] folder moved successfully.
C:\Users\kim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\kim\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\kim\AppData\Roaming\Mozilla\Firefox\extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{627af46b-2076-42ae-a2fd-8428734d3e74} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{627af46b-2076-42ae-a2fd-8428734d3e74}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\lxdcmon.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Windows\CurrentVersion\Run\\{45F17D5A-2D09-406B-A811-FFC5354B3695} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45F17D5A-2D09-406B-A811-FFC5354B3695}\ not found.
Registry value HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Windows\CurrentVersion\Run\\lime pro deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ZedgeToneSync deleted successfully.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: kim
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: kim
->Flash cache emptied: 492 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: kim
->Temp folder emptied: 646343 bytes
->Temporary Internet Files folder emptied: 19441269 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 529660 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 20.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 01102014_084836Files\Folders moved on Reboot...
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XQ5OCUWQ\fastbutton[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XQ5OCUWQ\postmessageRelay[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XQ5OCUWQ\zrt_lookup[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G17KNLDY\ads[4].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G17KNLDY\ai[7].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G17KNLDY\like[2].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FQM0H04X\12[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FQM0H04X\2q6dNtNfG1YHziVjQ1hUSA[1].woff moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FQM0H04X\ai[4].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FQM0H04X\xd_arbiter[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JNUP8GP\ads[5].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JNUP8GP\ads[6].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JNUP8GP\facebook_com[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JNUP8GP\page-2[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JNUP8GP\sNpRL69iYnSa-pHm90cZTA[1].woff moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JNUP8GP\xd_arbiter[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File\Folder C:\Windows\temp\TMP000000841101389FD1090896 not found!PendingFileRenameOperations files...
Registry entries deleted on Reboot...
-
All processes killed
Error: Unable to interpret <. :OTL> in the current context!
Error: Unable to interpret <SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe /n CAATT -- (CAATT)> in the current context!
Error: Unable to interpret <SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe /n ATTRcAppSvc -- (ATTRcAppSvc)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWVsp.sys -- (PTUMWVsp)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWNET.sys -- (PTUMWNET)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWMdm.sys -- (PTUMWMdm)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWFLT.sys -- (PTUMWFLT)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWCDF.sys -- (PTUMWCDF)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWBus.sys -- (PTUMWBus)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\PCTINDIS5.SYS -- (PCTINDIS5)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope => in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.google.co...g}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope => in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope => in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope => in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-19\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope => in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-20\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.google.co...1I7ADRA_enUS479> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{898691B5-789A-F88E-D09B-76CD111DD182}: "URL" = http://www.bing.com/...003&form=ZGAIDF> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{B5952A2E-8E58-45DF-A74A-23D5DC073215}: "URL" = http://www.flickr.co...?q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....?p={searchTerms}> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found> in the current context!
Error: Unable to interpret <[2011/01/02 20:22:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kim\AppData\Roaming\Mozilla\Extensions> in the current context!
Error: Unable to interpret <[2013/12/28 20:08:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kim\AppData\Roaming\Mozilla\Firefox\extensions> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Simppull Toolbar) - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files\simppulltoolbar\simppulldx.dll File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [lxdcmon.exe] "C:\Program Files\Lexmark 1300 Series\lxdcmon.exe" File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-3708714885-1391371732-529881198-1000..\Run: [{45F17D5A-2D09-406B-A811-FFC5354B3695}] rundll32 "C:\Users\kim\AppData\Local\ArcadeParlor\{45F17D5A-2D09-406B-A811-FFC5354B3695}\hnkonp.dll",DllRegisterServer File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-3708714885-1391371732-529881198-1000..\Run: [lime pro] "C:\Program Files\Lime PRO\LimePro.exe" -h File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-3708714885-1391371732-529881198-1000..\Run: [ZedgeToneSync] C:\Users\kim\AppData\Local\Apps\2.0\Data\6QCZBE65.30G\195P796N.7VP\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup File not found> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: kim
->Java cache emptied: 582320 bytes
User: Public
Total Java Files Cleaned = 1.00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: kim
->Flash cache emptied: 66546 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: kim
->Temp folder emptied: 1255404762 bytes
->Temporary Internet Files folder emptied: 1341503805 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 441250651 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 741 bytes
RecycleBin emptied: 152257614 bytes
Total Files Cleaned = 3,043.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 01092014_152525Files\Folders moved on Reboot...
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TYFKHQWD\2q6dNtNfG1YHziVjQ1hUSA[1].woff moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAO2PKLV\12[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAO2PKLV\fastbutton[4].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAO2PKLV\postmessageRelay[2].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAO2PKLV\xd_arbiter[2].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAO2PKLV\xd_arbiter[3].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RXNQUYRY\ai[4].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RXNQUYRY\sNpRL69iYnSa-pHm90cZTA[1].woff moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NDXP001R\ads[7].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NDXP001R\facebook_com[3].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NDXP001R\page-2[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NDXP001R\zrt_lookup[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JRTLR2IO\ads[8].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JRTLR2IO\ai[1].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IV227WN2\adsCAF13R8C.htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ILV6DCYZ\like[7].htm moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.PendingFileRenameOperations files...
Registry entries deleted on Reboot...
-
OTL Extras logfile created on: 1/9/2014 9:32:44 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kim\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.57 Gb Available Physical Memory | 28.80% Memory free
4.21 Gb Paging File | 2.18 Gb Available in Paging File | 51.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 131.49 Gb Total Space | 60.75 Gb Free Space | 46.21% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 10.21 Gb Free Space | 68.07% Space Free | Partition Type: NTFS
Computer Name: KIM-PC | User Name: kim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistPlayItAll] -- "C:\Program Files\PlayItAll\playitall.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithPlayItAll] -- "C:\Program Files\PlayItAll\playitall.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015CB9A1-9CC2-421F-BD5C-7BCF06394F6B}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{099117BE-341A-4D3F-8BDA-7311CF2208EF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdctime.exe |
"{20CE6FB5-B72E-46E9-BC0E-58DC97DBA1C2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{22965F6B-2F63-4C9E-BB69-376E79DC4833}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{22F33E9C-866A-4834-84C0-9EB050119C7B}" = dir=in | app=c:\users\kim\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{43715DCD-636A-4E12-BBA3-35E0EC88F511}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{513AD346-7EE7-469E-95A8-5DC57A8CF73D}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{5B3434A4-C1A7-4ABA-AC13-19C5C8B419C1}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdcjswx.exe |
"{5ED8A57E-8A8B-4391-89BD-33F0565459D8}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdcpswx.exe |
"{5F72F689-9038-40C8-9F2D-0190ED5EE388}" = protocol=6 | dir=in | app=c:\program files\lexmark 1300 series\app4r.exe |
"{5FFD1B48-54E2-4154-86A9-0F47AF843A79}" = protocol=6 | dir=in | app=c:\windows\system32\lxdccoms.exe |
"{692CD500-63C7-4A45-ABBC-0F76368817C5}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdcjswx.exe |
"{6A3795FB-BBB8-4E58-9DE7-B186C45D6BC9}" = protocol=17 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |
"{70340C1D-D34A-4583-BF30-B76A1FDC04D3}" = protocol=6 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |
"{7EB34F4F-3C9A-4FD8-8DE5-9B1070980505}" = protocol=17 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{8312AB66-9207-471D-97E8-CA9E9C63EA86}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{931C0E0B-B2C3-406D-9F6B-5C006E03AF09}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{98E71C8B-1786-4BD6-B092-B37832C313B4}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{9F33EC0D-E735-4D23-AA10-48132F052573}" = protocol=6 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{AE4F8663-9C66-4DC9-BE54-69FF083CD918}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{C20E4AEA-181B-43AE-8871-94711CCE620E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdctime.exe |
"{C60AECBE-A187-44A1-9430-C75783D46474}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{D4016CB1-0ED6-4E2C-B357-FC4AE7CADA81}" = protocol=17 | dir=in | app=c:\windows\system32\lxdccoms.exe |
"{DC7EBD30-0A74-44EF-9D60-22667F111180}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{DE564962-5F47-47D4-B284-F3A960D50456}" = protocol=17 | dir=in | app=c:\program files\lexmark 1300 series\app4r.exe |
"{EAB9DE95-B535-4439-ADD6-5368029FCA6C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{EE1A98D8-151E-449F-A831-8E92C4A2C222}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdcpswx.exe |
"TCP Query User{04B1F7FD-4C1C-41EF-A278-872F31A5BBCB}C:\program files\lexmark 1300 series\lxdcamon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |
"TCP Query User{184A6D5C-C002-436A-9CAE-C39879BA6DD3}C:\program files\lexmark 1300 series\app4r.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 1300 series\app4r.exe |
"TCP Query User{3C7A6FDB-4072-4D9F-9092-CD491013F2DB}C:\program files\frostwire 5\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"TCP Query User{5A530FBE-CE66-4AD1-925F-3AFF6A973061}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{6374871F-DB64-417F-A54C-F9D7FB33AE62}C:\program files\lime pro\limepro.exe" = protocol=6 | dir=in | app=c:\program files\lime pro\limepro.exe |
"UDP Query User{092ED117-0E80-4ADD-B843-3C1825111859}C:\program files\lime pro\limepro.exe" = protocol=17 | dir=in | app=c:\program files\lime pro\limepro.exe |
"UDP Query User{44882363-E9AA-4B26-B21B-5001188A2718}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{473CD232-9547-4708-B984-33C6178CAAE0}C:\program files\lexmark 1300 series\lxdcamon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |
"UDP Query User{AF243CC0-FDF1-4C80-8D1B-AE1B91AEE6B3}C:\program files\frostwire 5\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"UDP Query User{D5A79C26-6984-4B89-950C-820100ACC9C4}C:\program files\lexmark 1300 series\app4r.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 1300 series\app4r.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0228288D-975E-42F7-9993-E91A82E6BBD9}" = CWA Reminder by We-Care.com v4.1.24.3
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series" = Canon MG2100 series MP Drivers
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C095AE6-74D9-47A3-9039-4F142BA7B319}" = Fisher-Price iXL - Cars 2
"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24C4A041-9136-43DB-8C26-3060FC8CFFF8}" = Fisher-Price iXL Computer Software
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{38151262-FAF8-4778-9AAB-33E90B60D8E9}" = CA Anti-Virus Plus
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}" = InstallIQ Updater
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
"{C778BD4F-0DEA-4D39-B7C1-992E1BFFD351}" = Photo Explosion 3.0 Special Edition
"{C864C994-2957-4FE3-A72B-36C5E507B4AA}" = FacePaint Plugin
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}" = Updater
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"26062_2009_1223_1719_is1" = Uninstall Dual Mode Camera (26062)
"7-Zip 9.20" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"BFGC" = Big Fish Games: Game Manager
"BFG-Fishdom 2" = Fishdom 2
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"Canon MG2100 series On-screen Manual" = Canon MG2100 series On-screen Manual
"Canon MG2100 series User Registration" = Canon MG2100 series User Registration
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"eTrust Suite Personal" = Total Defense Internet Security Suite
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FileAssociationManager" = File Association Manager
"FrostWire 5" = FrostWire 5.4.0
"HaaliMkx" = Haali Media Splitter
"InstallConverter" = InstallConverter
"InstallShield_{1C095AE6-74D9-47A3-9039-4F142BA7B319}" = Fisher-Price iXL - Cars 2
"InstallShield_{24C4A041-9136-43DB-8C26-3060FC8CFFF8}" = Fisher-Price iXL Computer Software
"Lexmark 1300 Series" = Lexmark 1300 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"Nursing Assistant CD" = Nursing Assistant CD
"PlayItAll media player" = PlayItAll media player 1.0.5
"Search Toolbar" = Search Toolbar
"SecureWeb" = Secure Web
"simppulltoolbar" = Simppull Toolbar (Remove Toolbar Only)
"WebPost" = Microsoft Web Publishing Wizard 1.52
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3708714885-1391371732-529881198-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"c2c9648a374f64d1" = ToneSync for Windows
"RewardsArcadeSuite" = RewardsArcadeSuite
"ValueApps" = ValueApps
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 1/8/2014 8:08:44 PM | Computer Name = kim-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22
Error - 1/8/2014 8:08:44 PM | Computer Name = kim-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23
Error - 1/8/2014 8:08:44 PM | Computer Name = kim-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24
Error - 1/8/2014 9:50:05 PM | Computer Name = kim-PC | Source = Application Error | ID = 1000
Description = Faulting application Updater.exe, version 0.0.0.0, time stamp 0x524e36bc,
faulting module Updater.exe, version 0.0.0.0, time stamp 0x524e36bc, exception
code 0xc0000005, fault offset 0x0000331c, process id 0x2fd8, application start time
0x01cf0cdd1de24a8a.
Error - 1/8/2014 10:50:04 PM | Computer Name = kim-PC | Source = Application Error | ID = 1000
Description = Faulting application Updater.exe, version 0.0.0.0, time stamp 0x524e36bc,
faulting module Updater.exe, version 0.0.0.0, time stamp 0x524e36bc, exception
code 0xc0000005, fault offset 0x0000331c, process id 0x2e98, application start time
0x01cf0ce57f7b5cca.
Error - 1/8/2014 11:39:06 PM | Computer Name = kim-PC | Source = Google Update | ID = 20
Description =
Error - 1/9/2014 12:19:58 AM | Computer Name = kim-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module AboutDLL.dll_unloaded, version 0.0.0.0, time stamp
0x2a425e19, exception code 0xc0000005, fault offset 0x008f6720, process id 0x2a24,
application start time 0x01cf0cce8634d35a.
Error - 1/9/2014 12:21:10 AM | Computer Name = kim-PC | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
registration timeout
Error - 1/9/2014 12:08:23 PM | Computer Name = kim-PC | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
registration timeout
Error - 1/9/2014 12:15:38 PM | Computer Name = kim-PC | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
registration timeout
[ Broadcom Wireless LAN Events ]
Error - 1/5/2013 7:57:34 PM | Computer Name = kim-PC | Source = WLAN-Tray | ID = 0
Description = 16:57:34, Sat, Jan 05, 13 Error - Unable to gain access to user store
[ System Events ]
Error - 1/9/2014 12:07:18 PM | Computer Name = kim-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 1/9/2014 12:07:18 PM | Computer Name = kim-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/9/2014 12:09:42 PM | Computer Name = kim-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:08:43 AM on 1/9/2014 was unexpected.
Error - 1/9/2014 12:10:55 PM | Computer Name = kim-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/9/2014 12:10:55 PM | Computer Name = kim-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 1/9/2014 12:10:55 PM | Computer Name = kim-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/9/2014 12:13:07 PM | Computer Name = kim-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:11:36 AM on 1/9/2014 was unexpected.
Error - 1/9/2014 12:14:42 PM | Computer Name = kim-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/9/2014 12:14:42 PM | Computer Name = kim-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 1/9/2014 12:14:42 PM | Computer Name = kim-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report > -
OTL logfile created on: 1/9/2014 9:32:44 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kim\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.57 Gb Available Physical Memory | 28.80% Memory free
4.21 Gb Paging File | 2.18 Gb Available in Paging File | 51.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 131.49 Gb Total Space | 60.75 Gb Free Space | 46.21% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 10.21 Gb Free Space | 68.07% Space Free | Partition Type: NTFS
Computer Name: KIM-PC | User Name: kim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/09 09:30:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kim\Downloads\OTL.com
PRC - [2013/12/17 15:09:32 | 000,590,312 | ---- | M] (Zedge.net) -- C:\Users\kim\AppData\Local\Apps\2.0\GX7QB04V.YTB\JRL0M2YR.YXR\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\ZedgeTonesync.exe
PRC - [2013/12/11 13:20:45 | 000,309,328 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/12/11 13:17:29 | 000,839,560 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
PRC - [2013/10/09 16:39:09 | 001,621,512 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\casc.exe
PRC - [2013/10/09 16:39:07 | 001,207,816 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
PRC - [2013/10/09 16:39:07 | 000,257,544 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
PRC - [2013/10/09 16:39:07 | 000,208,392 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/01/18 14:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/08/04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011/08/04 09:57:18 | 000,056,376 | ---- | M] (Fisher-Price) -- C:\Program Files\Fisher-Price\iXL\iXL.Middleware.exe
PRC - [2011/07/30 15:59:55 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
PRC - [2011/07/30 15:59:54 | 000,206,152 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe
PRC - [2011/04/04 11:42:28 | 000,662,096 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
PRC - [2011/03/14 19:09:00 | 002,565,520 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2011/02/07 09:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/04 02:25:32 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/05/04 02:25:26 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/05/04 02:25:26 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/05/04 02:25:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/01/20 19:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/11/12 04:07:24 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/11/12 04:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 04:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/11/01 14:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/08/27 22:51:42 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/07/27 15:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
PRC - [2007/05/25 08:38:20 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxdccoms.exe
PRC - [2007/04/30 07:19:54 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 1300 Series\lxdcamon.exe
PRC - [2007/03/21 12:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 12:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/11/02 02:45:35 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regsvr32.exe
PRC - [2006/09/20 11:54:24 | 000,069,632 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Nova Development\Photo Explosion 3.0 SE\CalCheck.exe
========== Modules (No Company Name) ==========
MOD - [2013/12/16 18:54:59 | 000,486,912 | ---- | M] () -- C:\Users\kim\AppData\Local\RRBsoft\AboutDLL.dll
MOD - [2013/12/07 13:09:57 | 000,400,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\a1e51eb4da5fb91ed23a54401ef8b5db\System.Xml.Linq.ni.dll
MOD - [2013/12/07 13:08:51 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\76f8a75eb9332ddd4351ca66b0dc88e4\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2013/12/07 13:07:47 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3a5dc60ef43ec06078a9d6b762c2e88b\System.Deployment.ni.dll
MOD - [2013/12/06 18:03:18 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
MOD - [2013/11/06 11:37:21 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
MOD - [2013/11/06 11:37:01 | 002,295,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\ab40b51ac49fbee9a48b5b74ff78d5d6\System.Core.ni.dll
MOD - [2013/10/09 16:39:10 | 000,589,824 | ---- | M] () -- C:\Program Files\CA\CA Internet Security Suite\log4cplusU.dll
MOD - [2013/09/13 19:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/09/13 19:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/08/24 21:42:01 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll
MOD - [2013/08/24 21:41:15 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1bf91944c0a39048bb079c5d81f90529\System.Runtime.Serialization.ni.dll
MOD - [2013/08/24 21:40:36 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
MOD - [2013/08/24 21:40:24 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/08/24 21:38:42 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/08/24 21:38:10 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/08/24 21:37:51 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1eff630f4194c74287d1dd4a859693f7\System.Data.ni.dll
MOD - [2013/08/24 21:36:50 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/08/04 13:57:25 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2009/03/29 21:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/12/18 02:55:28 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2007/05/02 04:11:56 | 000,040,960 | ---- | M] () -- C:\Program Files\Lexmark 1300 Series\App4R.Monitor.Core.dll
MOD - [2007/05/02 04:11:56 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 1300 Series\App4R.Monitor.Common.dll
MOD - [2007/05/02 04:10:58 | 000,057,344 | ---- | M] () -- C:\Program Files\Lexmark 1300 Series\App4R.DevMons.MCMDevMon.dll
MOD - [2007/04/30 07:20:26 | 000,011,776 | ---- | M] () -- C:\Program Files\Lexmark 1300 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
MOD - [2007/04/30 07:19:54 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 1300 Series\lxdcamon.exe
MOD - [2007/04/30 07:19:52 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 1300 Series\App4R.DevMons.ScanDevMon.dll
MOD - [2007/04/30 07:19:48 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 1300 Series\App4R.DevMons.NetworkCardDevMon.dll
MOD - [2006/09/20 11:51:58 | 000,561,152 | ---- | M] () -- C:\Program Files\Nova Development\Photo Explosion 3.0 SE\uviplA6.dll
MOD - [2006/09/20 11:51:58 | 000,020,480 | ---- | M] () -- C:\Program Files\Nova Development\Photo Explosion 3.0 SE\uvipl.dll
MOD - [2006/09/20 11:51:28 | 000,019,968 | ---- | M] () -- C:\Program Files\Nova Development\Photo Explosion 3.0 SE\Cpuinf32.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe /n CAATT -- (CAATT)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe /n ATTRcAppSvc -- (ATTRcAppSvc)
SRV - [2013/12/11 13:17:32 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/09 16:39:07 | 000,257,544 | ---- | M] (Total Defense, Inc.) [On_Demand | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2013/10/09 16:39:07 | 000,208,392 | ---- | M] (Total Defense, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/07/30 15:59:55 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe -- (CAISafe)
SRV - [2011/07/30 15:59:54 | 000,206,152 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe -- (CAAMSvc)
SRV - [2011/04/04 11:42:28 | 000,662,096 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe -- (UmxEngine)
SRV - [2011/02/07 09:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/20 19:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/12 04:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 04:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/05/25 08:38:38 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdcserv.exe -- (lxdcCATSCustConnectService)
SRV - [2007/05/25 08:38:20 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdccoms.exe -- (lxdc_device)
SRV - [2007/03/21 12:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWVsp.sys -- (PTUMWVsp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWNET.sys -- (PTUMWNET)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWMdm.sys -- (PTUMWMdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWFLT.sys -- (PTUMWFLT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWCDF.sys -- (PTUMWCDF)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWBus.sys -- (PTUMWBus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\PCTINDIS5.SYS -- (PCTINDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/27 16:07:50 | 000,170,064 | ---- | M] (Total Defense) [File_System | Boot | Running] -- C:\Windows\System32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2011/10/26 12:51:22 | 000,083,536 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\System32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2011/09/06 22:03:36 | 000,331,344 | ---- | M] (CA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/08 20:44:08 | 000,008,832 | ---- | M] (LG Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgcpo.sys -- (lgcpo)
DRV - [2009/09/22 09:23:48 | 000,022,400 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdobex.sys -- (UsbSADObex)
DRV - [2009/09/22 09:23:46 | 000,027,520 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdmodem.sys -- (USBSADModem)
DRV - [2009/09/22 09:23:46 | 000,022,400 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbddiag.sys -- (UsbSADDiag)
DRV - [2009/09/22 09:23:44 | 000,058,624 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc_enum.sys -- (USBSANDIS)
DRV - [2009/09/22 09:23:42 | 000,045,568 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cdc_ecm.sys -- (cdc_ecm)
DRV - [2009/05/25 16:01:00 | 000,069,098 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2009/04/10 21:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008/12/18 02:55:10 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/06/23 05:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/05/04 02:25:24 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/03/06 00:58:44 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/01/20 19:32:52 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2008/01/20 19:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/11/12 04:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/10/10 17:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/06 09:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 09:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 09:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/08/27 22:51:44 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.dell.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?ilc=1
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{131B573A-C00D-82EC-098E-145BB127FA4F}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z037&form=ZGAIDF
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{56AF48AF-2F9E-47FD-855C-07B02EEE9281}: "URL" = http://delicious.com/search?p={searchTerms}
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_enUS479
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{898691B5-789A-F88E-D09B-76CD111DD182}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z003&form=ZGAIDF
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{B5952A2E-8E58-45DF-A74A-23D5DC073215}: "URL" = http://www.flickr.com/search/?q={searchTerms}
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3708714885-1391371732-529881198-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\kim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\kim\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{31F37877-0076-4d26-8FD4-D9A7223FFC06}: C:\Program Files\FacePaint\FacePaintFF\{31F37877-0076-4d26-8FD4-D9A7223FFC06} [2011/02/24 08:43:53 | 000,000,000 | ---D | M]
[2011/01/02 20:22:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kim\AppData\Roaming\Mozilla\Extensions
[2013/12/28 20:08:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kim\AppData\Roaming\Mozilla\Firefox\extensions
O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Simppull Toolbar) - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files\simppulltoolbar\simppulldx.dll File not found
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [{9AA8FE27-89A8-99BA-8b85-9AE9B9ABA99F}] "C:\Program Files\Alltel Broadband Connect\AvqAutoRun.exe" "C:\Program Files\Alltel Broadband Connect\mphonetools.exe" /OnPlug=%s File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (Total Defense, Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [iXL_MiddleWare] C:\Program Files\Fisher-Price\iXL\iXL.Middleware.exe (Fisher-Price)
O4 - HKLM..\Run: [lxdcamon] C:\Program Files\Lexmark 1300 Series\lxdcamon.exe ()
O4 - HKLM..\Run: [lxdcmon.exe] "C:\Program Files\Lexmark 1300 Series\lxdcmon.exe" File not found
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PhotoExplosionCalCheck] C:\Program Files\Nova Development\Photo Explosion 3.0 SE\CalCheck.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3708714885-1391371732-529881198-1000..\Run: [{45F17D5A-2D09-406B-A811-FFC5354B3695}] rundll32 "C:\Users\kim\AppData\Local\ArcadeParlor\{45F17D5A-2D09-406B-A811-FFC5354B3695}\hnkonp.dll",DllRegisterServer File not found
O4 - HKU\S-1-5-21-3708714885-1391371732-529881198-1000..\Run: [Facebook Update] C:\Users\kim\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3708714885-1391371732-529881198-1000..\Run: [lime pro] "C:\Program Files\Lime PRO\LimePro.exe" -h File not found
O4 - HKU\S-1-5-21-3708714885-1391371732-529881198-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-3708714885-1391371732-529881198-1000..\Run: [RRBsoft Update] C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3708714885-1391371732-529881198-1000..\Run: [ZedgeToneSync] C:\Users\kim\AppData\Local\Apps\2.0\Data\6QCZBE65.30G\195P796N.7VP\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8532DF7F-5036-4E07-8FE0-EFFD14825062}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B453CD91-A862-4D87-9414-65E513EF9F62}: DhcpNameServer = 209.183.50.151 209.183.50.151
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\kim\Pictures\2010-12-21\218.JPG
O24 - Desktop BackupWallPaper: C:\Users\kim\Pictures\2010-12-21\218.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3951a629-0c72-11e0-8aa1-001644d3ff7f}\Shell - "" = AutoRun
O33 - MountPoints2\{3951a629-0c72-11e0-8aa1-001644d3ff7f}\Shell\AutoRun\command - "" = F:\Start.exe
O33 - MountPoints2\{3951a629-0c72-11e0-8aa1-001644d3ff7f}\Shell\menu1\command - "" = F:\Start.exe
O33 - MountPoints2\{fe9f4182-7420-11e0-8945-001644d3ff7f}\Shell - "" = AutoRun
O33 - MountPoints2\{fe9f4182-7420-11e0-8945-001644d3ff7f}\Shell\AutoRun\command - "" = F:\ATTPreCopy.exe /-L -d:LGEUSB2100T1 -7
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/08 15:20:36 | 000,000,000 | ---D | C] -- C:\Users\kim\Desktop\RK_Quarantine
[2014/01/08 10:41:09 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Roaming\Malwarebytes
[2014/01/08 10:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/08 10:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/08 10:40:45 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/08 10:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/08 10:08:51 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/08 09:41:06 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/28 20:01:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/12/17 15:09:37 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zedge Europe AS
[2013/12/17 15:05:47 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Local\Deployment
[2013/12/17 15:05:47 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Local\Apps
[2013/12/17 14:05:09 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Roaming\Apple Computer
[2013/12/17 14:05:09 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Local\Apple Computer
[2013/12/17 14:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/12/17 14:04:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013/12/17 14:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/12/17 14:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/12/17 14:02:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/12/17 14:02:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/12/17 13:59:36 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Local\Apple
[2013/12/17 13:59:19 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013/12/17 13:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/12/17 13:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/12/17 13:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/12/16 18:42:17 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Local\RRBsoft
[2013/12/16 18:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks
[2013/12/16 17:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\SecureWeb
[2013/12/16 17:50:05 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Association Manager
[2013/12/16 17:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Association Manager
[2013/12/16 17:49:37 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/12/16 17:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/12/16 17:49:30 | 000,000,000 | ---D | C] -- C:\Users\kim\AppData\Roaming\FileAssociationManager
[2013/12/16 17:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\FileAssociationManager
[2013/12/16 17:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\InternetUpdater
[2013/12/16 17:18:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
[2013/12/16 17:18:38 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers
[2013/12/16 17:16:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter
[2013/12/16 17:16:14 | 000,000,000 | ---D | C] -- C:\Program Files\InstallConverter
[2013/12/13 16:49:54 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/12/13 16:49:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/12/13 16:49:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/12/13 16:49:47 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/12/13 16:49:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/12/13 16:49:42 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/12/13 16:49:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/12/13 16:49:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/12/11 13:13:26 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/12/11 13:13:23 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2013/12/11 13:13:22 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/12/11 13:13:22 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013/12/11 13:13:13 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/12/11 13:13:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/09 09:19:57 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/09 09:19:41 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/09 09:19:41 | 000,104,420 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/09 09:17:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/09 09:13:53 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/09 09:13:17 | 000,004,000 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/09 09:13:17 | 000,004,000 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/09 09:13:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/09 09:13:00 | 2137,042,944 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/08 21:32:46 | 000,075,484 | ---- | M] () -- C:\Windows\System32\drivers\KmxAgent.asc
[2014/01/08 21:32:46 | 000,048,169 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2014/01/08 21:32:46 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2014/01/08 21:32:46 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2014/01/08 21:32:46 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2014/01/08 21:32:46 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2014/01/08 21:32:46 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2014/01/08 21:32:46 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2014/01/08 21:32:46 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2014/01/08 21:32:46 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2014/01/08 21:32:46 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2014/01/08 21:32:46 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2014/01/08 21:32:46 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2014/01/08 21:32:46 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2014/01/08 21:32:46 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2014/01/08 21:32:46 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2014/01/08 21:32:46 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2014/01/08 20:39:06 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3708714885-1391371732-529881198-1000UA.job
[2014/01/08 14:39:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3708714885-1391371732-529881198-1000Core.job
[2014/01/08 14:04:15 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/23 07:57:20 | 000,005,972 | ---- | M] () -- C:\Users\kim\AppData\Local\d3d9caps.dat
[2013/12/17 15:09:37 | 000,000,336 | ---- | M] () -- C:\Users\kim\Desktop\ToneSync for Windows.appref-ms
[2013/12/17 14:04:36 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/12/16 17:16:15 | 000,001,751 | ---- | M] () -- C:\Users\Public\Desktop\InstallConverter.lnk
[2013/12/15 16:28:37 | 000,275,712 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/12/11 13:17:30 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/12/11 13:17:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/01/08 10:40:48 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/18 10:07:52 | 2137,042,944 | -HS- | C] () -- C:\hiberfil.sys
[2013/12/17 15:09:37 | 000,000,336 | ---- | C] () -- C:\Users\kim\Desktop\ToneSync for Windows.appref-ms
[2013/12/17 14:04:36 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/12/17 13:59:22 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/12/16 17:16:15 | 000,001,751 | ---- | C] () -- C:\Users\Public\Desktop\InstallConverter.lnk
[2011/02/02 13:29:25 | 000,005,972 | ---- | C] () -- C:\Users\kim\AppData\Local\d3d9caps.dat
[2011/01/05 17:49:35 | 000,000,577 | ---- | C] () -- C:\ProgramData\lxdc
[2010/12/20 18:42:18 | 000,007,680 | ---- | C] () -- C:\Users\kim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 05:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/02/15 14:27:42 | 000,000,000 | ---D | M] -- C:\Users\kim\AppData\Roaming\Canon
[2012/01/16 13:06:15 | 000,000,000 | ---D | M] -- C:\Users\kim\AppData\Roaming\com.w3i.musicrockstar
[2011/01/05 13:04:34 | 000,000,000 | ---D | M] -- C:\Users\kim\AppData\Roaming\Driver Smith
[2013/12/16 17:49:30 | 000,000,000 | ---D | M] -- C:\Users\kim\AppData\Roaming\FileAssociationManager
[2011/12/25 06:31:31 | 000,000,000 | ---D | M] -- C:\Users\kim\AppData\Roaming\Fisher-Price
[2011/02/24 08:34:03 | 000,000,000 | ---D | M] -- C:\Users\kim\AppData\Roaming\FrostWire
[2011/07/16 07:46:43 | 000,000,000 | ---D | M] -- C:\Users\kim\AppData\Roaming\Lexmark Productivity Studio
[2012/01/16 13:11:52 | 000,000,000 | ---D | M] -- C:\Users\kim\AppData\Roaming\playitall
[2011/05/01 11:43:46 | 000,000,000 | ---D | M] -- C:\Users\kim\AppData\Roaming\Sierra Wireless
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:661DC753
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:373E1720< End of report >
-
Results of screen317's Security Check version 0.99.78
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Total Defense Anti-Virus Plus
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 6 Update 31
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 10.1.8 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSASCui.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
CA CA Internet Security Suite CA Anti-Virus Plus caamsvc.exe
CA CA Internet Security Suite CA Anti-Virus Plus isafe.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Windows Defender MSASCui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1 %
````````````````````End of Log``````````````````````
-
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 12/20/2010 6:00:06 AM
System Uptime: 1/8/2014 2:06:52 PM (7 hours ago)
.
Motherboard: Dell Inc. | | 0U990C
Processor: Intel® Pentium® Dual CPU T2390 @ 1.86GHz | Microprocessor | 1867/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 131 GiB total, 60.763 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 10.21 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0001
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0001
Service: tunnel
.
Class GUID: {6bdd1fc5-810f-11d0-bec7-08002be2092f}
Description: Serial Cable using IrDA Protocol
Device ID: ROOT\INFRARED\0000
Manufacturer: (Standard Infrared Port)
Name: Serial Cable using IrDA Protocol
PNP Device ID: ROOT\INFRARED\0000
Service: irsir
.
Class GUID: {bc103702-dd72-406f-9b28-95c868337b59}
Description: Belkin USB Easy Transfer Cable
Device ID: ROOT\TRANSFER_CABLE\0000
Manufacturer: Microsoft
Name: Belkin USB Easy Transfer Cable
PNP Device ID: ROOT\TRANSFER_CABLE\0000
Service: winusb
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
7-Zip 9.20
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.8)
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Big Fish Games: Game Manager
Bonjour
CA Anti-Virus Plus
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG2100 series MP Drivers
Canon MG2100 series On-screen Manual
Canon MG2100 series User Registration
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CWA Reminder by We-Care.com v4.1.24.3
Dell Edoc Viewer
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card Utility
Digital Line Detect
Facebook Video Calling 1.2.0.287
FacePaint Plugin
ffdshow [rev 2527] [2008-12-19]
File Association Manager
Fishdom 2
Fisher-Price iXL - Cars 2
Fisher-Price iXL Computer Software
FrostWire 5.4.0
Google Toolbar for Internet Explorer
Google Update Helper
Haali Media Splitter
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
InstallConverter
InstallIQ Updater
Intel® Matrix Storage Manager
Itibiti RTC
iTunes
Java Auto Updater
Java 6 Update 31
Laptop Integrated Webcam Driver (1.04.01.1011)
Lexmark 1300 Series
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Malwarebytes Anti-Malware version 1.75.0.1300
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Web Publishing Wizard 1.52
Modem Diagnostic Tool
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
Nursing Assistant CD
OutlookAddinSetup
Photo Explosion 3.0 Special Edition
PlayItAll media player 1.0.5
QuickSet
RewardsArcadeSuite
Search Toolbar
Secure Web
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Simppull Toolbar (Remove Toolbar Only)
SweetIM for Messenger 3.3
ToneSync for Windows
Total Defense Internet Security Suite
Uninstall Dual Mode Camera (26062)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Updater
ValueApps
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
.
==== End Of File ===========================
-
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16526
Run by kim at 21:00:24 on 2014-01-08
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2037.885 [GMT -7:00]
.
AV: Total Defense Anti-Virus Plus *Disabled/Outdated* {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}
SP: Total Defense Anti-Virus Plus *Disabled/Outdated* {ECD425A9-8C8F-D447-4EAB-6F599E267857}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\caamsvc.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\system32\lxdccoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\system32\STacSV.exe
C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\CA\CA Internet Security Suite\casc.exe
C:\Program Files\Lexmark 1300 Series\lxdcamon.exe
C:\Program Files\Nova Development\Photo Explosion 3.0 SE\CalCheck.exe
C:\Program Files\Fisher-Price\iXL\iXL.Middleware.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\regsvr32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
C:\Windows\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uWindow Title = Windows Internet Explorer provided by Yahoo!
BHO: Yahooo Search Protection: {25BC7718-0BFA-40EA-B381-4B2D9732D686} - c:\program files\yahoo!\search protection\ysp.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: FacePaint.Plugin: {A15C7D2D-9A4C-4c9a-9BD4-CC4815B28EBC} -
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Simppull Toolbar: {627af46b-2076-42ae-a2fd-8428734d3e74} -
TB: FacePaint Toolbar: {CCCC7D2D-9A4C-4C9A-9BD4-CC4815B28CCC} -
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
EB: FacePaint Toolbar: {cccc7d2d-9a4c-4c9a-9bd4-cc4815b28ccc} -
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Messenger (Yahoo!)] ~"c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [lime pro] "c:\program files\lime pro\LimePro.exe" -h
uRun: [Facebook Update] "c:\users\kim\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [{45F17D5A-2D09-406B-A811-FFC5354B3695}] rundll32 "c:\users\kim\appdata\local\arcadeparlor\{45f17d5a-2d09-406b-a811-ffc5354b3695}\hnkonp.dll",DllRegisterServer
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [RRBsoft Update] regsvr32.exe c:\users\kim\appdata\local\rrbsoft\AboutDLL.dll
uRun: [ZedgeToneSync] c:\users\kim\appdata\local\apps\2.0\data\6qczbe65.30g\195p796n.7vp\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\data\ZedgeToneSync.appref-ms -startup
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [{9AA8FE27-89A8-99BA-8b85-9AE9B9ABA99F}] "c:\program files\alltel broadband connect\avqautorun.exe" "c:\program files\alltel broadband connect\mphonetools.exe" /OnPlug=%s
mRun: [cctray] "c:\program files\ca\ca internet security suite\casc.exe"
mRun: [lxdcmon.exe] "c:\program files\lexmark 1300 series\lxdcmon.exe"
mRun: [lxdcamon] "c:\program files\lexmark 1300 series\lxdcamon.exe"
mRun: [PhotoExplosionCalCheck] c:\program files\nova development\photo explosion 3.0 se\calcheck.exe
mRun: [iXL_MiddleWare] c:\program files\fisher-price\ixl\iXL.Middleware.exe
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon
mRun: [sigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
LSP: c:\windows\system32\VetRedir.dll
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{8532DF7F-5036-4E07-8FE0-EFFD14825062} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{B453CD91-A862-4D87-9414-65E513EF9F62} : DHCPNameServer = 209.183.50.151 209.183.50.151
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
.
R0 KmxAMRT;KmxAMRT;c:\windows\system32\drivers\KmxAMRT.sys [2011-10-27 170064]
R1 KmxAgent;KmxAgent;c:\windows\system32\drivers\KmxAgent.sys [2011-10-26 83536]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2010-12-20 73728]
R2 CAAMSvc;CAAMSvc;c:\program files\ca\ca internet security suite\ca anti-virus plus\CAAMSvc.exe [2011-2-2 206152]
R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus plus\isafe.exe [2010-12-20 222544]
R2 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\ca\ca internet security suite\ccschedulersvc.exe [2010-12-20 208392]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 lxdc_device;lxdc_device;c:\windows\system32\lxdccoms.exe -service --> c:\windows\system32\lxdccoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-1-8 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2014-1-8 701512]
R2 UmxEngine;TM Engine;c:\program files\ca\sharedcomponents\tmengine\UmxEngine.exe [2011-4-4 662096]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2010-12-17 111616]
R3 KmxCfg;KmxCfg;c:\windows\system32\drivers\KmxCfg.sys [2011-9-6 331344]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-1-8 22856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdcserv.exe [2007-5-25 99248]
S3 ATTRcAppSvc;AT&T RcAppSvc;"c:\program files\at&t\communication manager\rcappsvc.exe" /n "attrcappsvc" --> c:\program files\at&t\communication manager\RcAppSvc.exe [?]
S3 CAATT;AT&T Con App Svc;"c:\program files\at&t\communication manager\conappssvc.exe" /n "caatt" --> c:\program files\at&t\communication manager\ConAppsSvc.exe [?]
S3 cdc_ecm;LGE WirelessSA USB NDIS REVD Device Driver;c:\windows\system32\drivers\cdc_ecm.sys [2011-5-1 45568]
S3 lgcpo;LGE Configuration Policy Owner Service Install;c:\windows\system32\drivers\lgcpo.sys [2011-5-1 8832]
S3 UsbSADDiag;LGE WirelessSA USB Serial01 REVD Device;c:\windows\system32\drivers\lgusbddiag.sys [2011-5-1 22400]
S3 USBSADModem;LGE WirelessSA USB REVD Modem;c:\windows\system32\drivers\lgusbdmodem.sys [2011-5-1 27520]
S3 UsbSADObex;LGE WirelessSA USB Serial02 REVD Device;c:\windows\system32\drivers\lgusbdobex.sys [2011-5-1 22400]
S3 USBSANDIS;LGE WirelessSA USB NDIS Device Enumerator REVD Service;c:\windows\system32\drivers\dc_enum.sys [2011-5-1 58624]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2014-01-08 21:04:15 712264 ----a-w- c:\windows\isRS-000.tmp
2014-01-08 17:41:09 -------- d-----w- c:\users\kim\appdata\roaming\Malwarebytes
2014-01-08 17:40:47 -------- d-----w- c:\programdata\Malwarebytes
2014-01-08 17:40:45 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-08 17:40:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-08 17:08:51 -------- d-----w- c:\windows\ERUNT
2014-01-08 16:41:06 -------- d-----w- C:\AdwCleaner
2014-01-08 15:36:41 7760024 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{41198c74-afed-4360-97e1-cfaf3499d892}\mpengine.dll
2013-12-17 22:05:47 -------- d-----w- c:\users\kim\appdata\local\Deployment
2013-12-17 22:05:47 -------- d-----w- c:\users\kim\appdata\local\Apps
2013-12-17 21:05:09 -------- d-----w- c:\users\kim\appdata\local\Apple Computer
2013-12-17 21:04:20 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-12-17 21:02:38 -------- d-----w- c:\program files\iPod
2013-12-17 21:02:33 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-17 21:02:30 -------- d-----w- c:\program files\iTunes
2013-12-17 20:59:36 -------- d-----w- c:\users\kim\appdata\local\Apple
2013-12-17 20:55:59 -------- d-----w- c:\program files\Bonjour
2013-12-17 01:42:17 -------- d-----w- c:\users\kim\appdata\local\RRBsoft
2013-12-17 00:58:09 -------- d-----w- c:\programdata\SecureWeb
2013-12-17 00:49:30 -------- d-----w- c:\users\kim\appdata\roaming\FileAssociationManager
2013-12-17 00:49:30 -------- d-----w- c:\program files\FileAssociationManager
2013-12-17 00:30:47 -------- d-----w- c:\programdata\InternetUpdater
2013-12-17 00:18:38 -------- d-----w- c:\programdata\Updater
2013-12-17 00:18:38 -------- d-----w- c:\programdata\RHelpers
2013-12-17 00:16:14 -------- d-----w- c:\program files\InstallConverter
2013-12-11 20:13:26 2050560 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 20:13:23 335360 ----a-w- c:\windows\system32\SysFxUI.dll
2013-12-11 20:13:22 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-11 20:13:22 130048 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 20:13:13 36864 ----a-w- c:\windows\system32\wshcon.dll
2013-12-11 20:13:13 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 20:13:13 155648 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 20:13:13 135168 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 20:13:13 131072 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 20:13:09 158208 ----a-w- c:\windows\system32\imagehlp.dll
.
==================== Find3M ====================
.
2013-12-11 20:17:30 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 20:17:30 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-19 10:33:38 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-14 22:50:50 1806848 ----a-w- c:\windows\system32\jscript9.dll
2013-11-14 22:42:41 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-11-14 22:42:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-14 22:38:54 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-14 22:38:16 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-11-14 22:35:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-30 02:13:01 1304064 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
.
============= FINISH: 21:06:24.74 ===============
-
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.orgDatabase version: v2014.01.08.05
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
kim :: KIM-PC [administrator]Protection: Enabled
1/8/2014 11:32:42 AM
MBAM-log-2014-01-08 (11-47-01).txtScan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213586
Time elapsed: 13 minute(s), 12 second(s)Memory Processes Detected: 3
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.Searchagent) -> 4812 -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.Searchagent) -> 5536 -> No action taken.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.Searchagent) -> 5612 -> No action taken.Memory Modules Detected: 0
(No malicious items detected)Registry Keys Detected: 0
(No malicious items detected)!
-
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.orgDatabase version: v2014.01.08.05
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
kim :: KIM-PC [administrator]Protection: Enabled
1/8/2014 11:32:42 AM
MBAM-log-2014-01-08 (11-47-01).txtScan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213586
Time elapsed: 13 minute(s), 12 second(s)Memory Processes Detected: 3
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.Searchagent) -> 4812 -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.Searchagent) -> 5536 -> No action taken.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.Searchagent) -> 5612 -> No action taken.Memory Modules Detected: 0
(No malicious items detected)Registry Keys Detected: 0
(No malicious items detected)Registry Values Detected: 0
(No malicious items detected)Registry Data Items Detected: 0
(No malicious items detected)Folders Detected: 10
C:\Users\kim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] (Adware.GamesVance) -> No action taken.
C:\Users\kim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\chrome (Adware.GamesVance) -> No action taken.
C:\Users\kim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components (Adware.GamesVance) -> No action taken.
C:\Users\kim\AppData\Local\Temp\ct3311333 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\kim\AppData\Local\Temp\CT3317209 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\kim\AppData\Local\Temp\CT3317212 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\kim\AppData\Local\Temp\CT3319613 (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> No action taken.Files Detected: 3
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.Searchagent) -> No action taken.(end)
-
ok i am back sorry had to take a brake and go and get my books from the collage
I am ready to try this agane
-
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.orgDatabase version: v2014.01.08.05
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
kim :: KIM-PC [administrator]Protection: Enabled
1/8/2014 11:32:42 AM
MBAM-log-2014-01-08 (11-47-01).txtScan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213586
Time elapsed: 13 minute(s), 12 second(s)Memory Processes Detected: 3
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.Searchagent) -> 4812 -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.Searchagent) -> 5536 -> No action taken.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.Searchagent) -> 5612 -> No action taken.Memory Modules Detected: 0
(No malicious items detected)Registry Keys Detected: 0
(No malicious items detected)Registry Values Detected: 0
(No malicious items detected)Registry Data Items Detected: 0
(No malicious items detected)Folders Detected: 10
C:\Users\kim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] (Adware.GamesVance) -> No action taken.
C:\Users\kim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\chrome (Adware.GamesVance) -> No action taken.
C:\Users\kim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components (Adware.GamesVance) -> No action taken.
C:\Users\kim\AppData\Local\Temp\ct3311333 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\kim\AppData\Local\Temp\CT3317209 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\kim\AppData\Local\Temp\CT3317212 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\kim\AppData\Local\Temp\CT3319613 (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> No action taken.Files Detected: 3
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.Searchagent) -> No action taken.(end)
-
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows Vista Home Basic x86
Ran by kim on Wed 01/08/2014 at 10:08:59.17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\selectrebates
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F0F12903-DE76-4DF7-BCDC-0A0689151189}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3708714885-1391371732-529881198-1000\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\savevalet_ie
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A5350CA8-00EF-4ECB-49C8-1AC91895C705}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{627AF46B-2076-42AE-A2FD-8428734D3E74}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4B8BAB4-1667-11DF-A242-BA9455D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4E6BF2A-1667-11DF-A01F-1F9655D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0F12903-DE76-4DF7-BCDC-0A0689151189}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\kim\appdata\locallow\simppulltoolbar"
Successfully deleted: [Folder] "C:\Program Files\simppulltoolbar"
Successfully deleted: [Folder] "C:\Program Files\sweetpacks"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\kim\appdata\local\{45F17D5A-2D09-406B-A811-FFC5354B3695}
Successfully deleted: [Empty Folder] C:\Users\kim\appdata\local\{506D6020-114A-42A4-B42B-2B91E564F86B}
Successfully deleted: [Empty Folder] C:\Users\kim\appdata\local\{857FD2FA-FFCF-468B-A108-FF3C8A691F03}
Successfully deleted: [Empty Folder] C:\Users\kim\appdata\local\{92EC6D29-3240-450D-A5D2-68280B304644}
Successfully deleted: [Empty Folder] C:\Users\kim\appdata\local\{DEBB1BE1-E516-462C-B964-412F0044CA49}~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/08/2014 at 10:24:41.91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -
# AdwCleaner v3.016 - Report created 08/01/2014 at 09:56:52
# Updated 23/12/2013 by Xplode
# Operating System : Windows Vista Home Basic Service Pack 2 (32 bits)
# Username : kim - KIM-PC
# Running from : C:\Users\kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0W9TFSIF\adwcleaner.exe
# Option : Clean***** [ Services ] *****
Service Deleted : CltMngSvc
Service Deleted : WajamUpdaterV3***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\w3i
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Program Files\RewardsArcadeSuite
Folder Deleted : C:\Program Files\SaveValet
Folder Deleted : C:\Program Files\Search Toolbar
Folder Deleted : C:\Program Files\Searchprotect
Folder Deleted : C:\Program Files\Surf Canyon
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\w3i
Folder Deleted : C:\Program Files\Wajam
Folder Deleted : C:\Program Files\Zynga
Folder Deleted : C:\Program Files\Elf_1.12
Folder Deleted : C:\Program Files\Elf_1.13
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\kim\AppData\Local\Babylon
Folder Deleted : C:\Users\kim\AppData\Local\Conduit
Folder Deleted : C:\Users\kim\AppData\Local\RewardsArcadeSuite
Folder Deleted : C:\Users\kim\AppData\Local\Searchprotect
Folder Deleted : C:\Users\kim\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\kim\AppData\Local\Temp\OpenCandy
Folder Deleted : C:\Users\kim\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\kim\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\kim\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\kim\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\kim\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\kim\AppData\LocalLow\Zynga
Folder Deleted : C:\Users\kim\AppData\LocalLow\Elf_1.12
Folder Deleted : C:\Users\kim\AppData\LocalLow\Elf_1.13
Folder Deleted : C:\Users\kim\AppData\Roaming\Babylon
Folder Deleted : C:\Users\kim\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\kim\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\kim\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\kim\AppData\Roaming\ValueApps
Folder Deleted : C:\Users\kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\kim\Documents\optimizer pro
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar***** [ Shortcuts ] *****
***** [ Registry ] *****
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E7FC2C2-8D86-474D-8E05-998120A5783F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E7FC2C2-8D86-474D-8E05-998120A5783F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetIM]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F
Value Deleted : HKLM\SOFTWARE\mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2857572
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2857573
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [updater]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [installIQUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A3514F71-E63F-440B-8076-14226E21B2BF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4F7224F-314D-4999-AB73-D192E17F4D7F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{38542454-DFB6-44F5-B052-D4E071A3D073}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C517EAD3-2259-4211-B064-ADBAEDF82AAE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED2B9201-87B4-47FD-BC3A-28935620F246}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B80F591E-FE9A-46CF-A13E-180377240586}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C5CF932-9160-4FBF-9284-E97036A028CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5F8BA2ED-A529-40F4-8B27-85BE4C5D64C8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9CDB3A01-584C-4E7E-BD8B-B2802E8D6E83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FF05681B-3CE9-4F50-9A39-F8694D72DD00}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BA3105E9-5DE6-4A1E-A819-6F5046AB67F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38542454-DFB6-44F5-B052-D4E071A3D073}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B80F591E-FE9A-46CF-A13E-180377240586}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4F7224F-314D-4999-AB73-D192E17F4D7F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38542454-DFB6-44F5-B052-D4E071A3D073}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C517EAD3-2259-4211-B064-ADBAEDF82AAE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED2B9201-87B4-47FD-BC3A-28935620F246}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B80F591E-FE9A-46CF-A13E-180377240586}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5F8BA2ED-A529-40F4-8B27-85BE4C5D64C8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CDB3A01-584C-4E7E-BD8B-B2802E8D6E83}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF05681B-3CE9-4F50-9A39-F8694D72DD00}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4F7224F-314D-4999-AB73-D192E17F4D7F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{38542454-DFB6-44F5-B052-D4E071A3D073}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C517EAD3-2259-4211-B064-ADBAEDF82AAE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B80F591E-FE9A-46CF-A13E-180377240586}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CDB3A01-584C-4E7E-BD8B-B2802E8D6E83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED2B9201-87B4-47FD-BC3A-28935620F246}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5F8BA2ED-A529-40F4-8B27-85BE4C5D64C8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FF05681B-3CE9-4F50-9A39-F8694D72DD00}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3491B4B7-A1C3-4FBD-89A4-70E03532F5C5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8711E63D-37DD-42DB-BF9A-5E8B90B8D395}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{568702F5-41F8-49E8-8D2C-3F11AC5FB14F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA5C9457-2065-4DA8-9DE5-DAF6D2B99C1E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E781F44-53F4-4C0F-A361-630889AC4BC4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95B3C18B-5108-415B-82F0-2AB700069D79}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9D425283-D487-4337-BAB6-AB8354A81457}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{38542454-DFB6-44F5-B052-D4E071A3D073}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B80F591E-FE9A-46CF-A13E-180377240586}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{9D425283-D487-4337-BAB6-AB8354A81457}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{38542454-DFB6-44F5-B052-D4E071A3D073}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B80F591E-FE9A-46CF-A13E-180377240586}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{38542454-DFB6-44F5-B052-D4E071A3D073}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B80F591E-FE9A-46CF-A13E-180377240586}]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\SocialBit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Elf_1.13
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Surf Canyon
Key Deleted : HKCU\Software\AppDataLow\Software\Elf_1.12
Key Deleted : HKCU\Software\AppDataLow\Software\Elf_1.13
Key Deleted : HKCU\Software\AppDataLow\Software\Zynga
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Surf Canyon
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\Elf_1.12
Key Deleted : HKLM\Software\Elf_1.13
Key Deleted : HKLM\Software\Zynga
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Elf_1.12 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Elf_1.13 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zynga Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Surf Canyon
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Elf_1.12 Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Elf_1.13 Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Zynga Toolbar
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - iesearchplugin32.dll
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16526
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
*************************
AdwCleaner[R0].txt - [31983 octets] - [08/01/2014 09:41:18]
AdwCleaner[s0].txt - [30808 octets] - [08/01/2014 09:56:52]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [30869 octets] ##########
-
it says pending please uncheck elements you dont want removed
-
keeps giving me pop up and frezing up on me and making a lod beeping sound
need help with pop-up
in Malware Removal
Posted
Ok I think we got it. It is running a lot faster and it is not frezing up and I have no pop up comming up thank you for fixing my pc