slow computer with pop ups

[jraes71]

My computer is running extremely slow and has all of sudden started getting so many pop ups.

[flashh4]

Howdy Jraes and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================


AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the Clean button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT


    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!


NEXT


MALWAREBYTES with Pics:

Please download Malwarebytes' Anti-Malware to your desktop.


    * Double-click  mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to  Update Malwarebytes' Anti-Malware and  Launch Malwarebytes' Anti-Malware, then click  Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select  Perform quick scan, then click Scan.




When the scan is complete, click  OK, then  Show Results to view the results.



    *  Then click  Remove Selected .
    * When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    * Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    Or via the Logs tab when the application is started.



Please don't attach the scans / logs, use "copy/paste".


Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes log

 

Thanks
Chuck

[jraes71]

# AdwCleaner v3.012 - Report created 10/11/2013 at 18:47:02
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : jelli - JELLI-PC
# Running from : C:\Users\jelli\Downloads\adwcleaner(1).exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc
Service Found : Updater Service for StartNow Toolbar
Service Found : WajamUpdater

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Found : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Found : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Found : C:\windows\System32\Tasks\BackgroundContainer Startup Task
File Found : C:\windows\System32\Tasks\LyricsParty-16-chromeinstaller
File Found : C:\windows\System32\Tasks\LyricsParty-16-codedownloader
File Found : C:\windows\System32\Tasks\LyricsParty-16-enabler
File Found : C:\windows\System32\Tasks\LyricsParty-16-firefoxinstaller
File Found : C:\windows\System32\Tasks\LyricsParty-16-updater
File Found : C:\windows\System32\Tasks\UpdaterEX
File Found : C:\windows\Tasks\LyricsParty-16-chromeinstaller.job
File Found : C:\windows\Tasks\LyricsParty-16-codedownloader.job
File Found : C:\windows\Tasks\LyricsParty-16-enabler.job
File Found : C:\windows\Tasks\LyricsParty-16-firefoxinstaller.job
File Found : C:\windows\Tasks\LyricsParty-16-updater.job
File Found : C:\windows\Tasks\UpdaterEX.job
Folder Found : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfboklmeiefoedekjeigdcnfbpjeaii
Folder Found : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgei
Folder Found : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Found : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\kghaibkaafjfmcnfiokfdnijnkpeggam
Folder Found : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Found : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcajpdcjfekhfnapaiphaecoajeollnc
Folder Found : C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\Extensions\2cdc03be-623f-472d-b42f-8ddee82a46dc@d40b0eaa-58ba-4e09-9ae6-37ca59633d47.com
Folder Found C:\Program Files (x86)\Amazon Browser Bar
Folder Found C:\Program Files (x86)\BabylonToolbar
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\driver-soft
Folder Found C:\Program Files (x86)\entrusted11
Folder Found C:\Program Files (x86)\LyricsParty-16
Folder Found C:\Program Files (x86)\MixiDJ_V44
Folder Found C:\Program Files (x86)\Mysearchdial
Folder Found C:\Program Files (x86)\Playbryte
Folder Found C:\Program Files (x86)\Searchprotect
Folder Found C:\Program Files (x86)\StartNow Toolbar
Folder Found C:\Program Files (x86)\Wajam
Folder Found C:\ProgramData\Anti-phishing Domain Advisor
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\blekko toolbars
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\IBUpdaterService
Folder Found C:\ProgramData\SpeedyPC Software
Folder Found C:\ProgramData\VisualBee
Folder Found C:\Searchprotect
Folder Found C:\Users\jelli\AppData\Local\apn
Folder Found C:\Users\jelli\AppData\Local\Babylon
Folder Found C:\Users\jelli\AppData\Local\Conduit
Folder Found C:\Users\jelli\AppData\Local\Temp\AirInstaller
Folder Found C:\Users\jelli\AppData\Local\visualbeeexe
Folder Found C:\Users\jelli\AppData\Local\Wajam
Folder Found C:\Users\jelli\AppData\LocalLow\AskToolbar
Folder Found C:\Users\jelli\AppData\LocalLow\Conduit
Folder Found C:\Users\jelli\AppData\LocalLow\entrusted11
Folder Found C:\Users\jelli\AppData\LocalLow\MixiDJ_V44
Folder Found C:\Users\jelli\AppData\LocalLow\Playbryte
Folder Found C:\Users\jelli\AppData\LocalLow\PriceGong
Folder Found C:\Users\jelli\AppData\Roaming\Babylon
Folder Found C:\Users\jelli\AppData\Roaming\DriverCure
Folder Found C:\Users\jelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings
Folder Found C:\Users\jelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Found C:\Users\jelli\AppData\Roaming\Mysearchdial
Folder Found C:\Users\jelli\AppData\Roaming\OpenCandy
Folder Found C:\Users\jelli\AppData\Roaming\registry mechanic
Folder Found C:\Users\jelli\AppData\Roaming\Searchprotect
Folder Found C:\Users\jelli\AppData\Roaming\SpeedyPC Software
Folder Found C:\Users\jelli\AppData\Roaming\StartNow Toolbar
Folder Found C:\Users\jelli\AppData\Roaming\UpdaterEX
Folder Found C:\Users\jelli\Documents\PC Health Kit

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Alexa Internet
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\DynConIE
Key Found : HKCU\Software\AppDataLow\Software\entrusted11
Key Found : HKCU\Software\AppDataLow\Software\LyricsParty-16
Key Found : HKCU\Software\AppDataLow\Software\MixiDJ_V44
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\RewardsArcade
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\Google\Chrome\Extensions\bpfboklmeiefoedekjeigdcnfbpjeaii
Key Found : HKCU\Software\Google\Chrome\Extensions\incfcgceegpikennjoplhfghaaikdgei
Key Found : HKCU\Software\Google\Chrome\Extensions\pcajpdcjfekhfnapaiphaecoajeollnc
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\InstalledThirdPartyPrograms
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{77BEECE6-3997-403A-92FA-0055BFCF88E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90A1B331-C2B4-4933-9F63-BA7B84D60D58}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77BEECE6-3997-403A-92FA-0055BFCF88E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90A1B331-C2B4-4933-9F63-BA7B84D60D58}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA282E8F-1D48-4A7B-A8BC-86A292F7B8A9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\mysearchdial
Key Found : HKCU\Software\SearchProtect
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SpeedyPC Software
Key Found : HKCU\Software\visualbee
Key Found : HKCU\Software\Wajam
Key Found : HKCU\Software\Zugo
Key Found : [x64] HKCU\Software\Alexa Internet
Key Found : [x64] HKCU\Software\BabylonToolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Cr_Installer
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\InstalledThirdPartyPrograms
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\mysearchdial
Key Found : [x64] HKCU\Software\SearchProtect
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\SpeedyPC Software
Key Found : [x64] HKCU\Software\visualbee
Key Found : [x64] HKCU\Software\Wajam
Key Found : [x64] HKCU\Software\Zugo
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{77BEECE6-3997-403A-92FA-0055BFCF88E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{90A1B331-C2B4-4933-9F63-BA7B84D60D58}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CEF5A3EF-2F71-468B-A2E5-777F09EFA4F5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DA282E8F-1D48-4A7B-A8BC-86A292F7B8A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0044176.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0044176.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0044176.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0044176.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\RewardsArcade.BHO
Key Found : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox
Key Found : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3298580
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3299568
Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8B0295E2-967E-439E-9560-807D9F625B57}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Found : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Found : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\entrusted11
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bpfboklmeiefoedekjeigdcnfbpjeaii
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pcajpdcjfekhfnapaiphaecoajeollnc
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\Software\LyricsParty-16
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01bfd945-5b85-4cf7-a1c5-4fea33073826}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01bfd945-5b85-4cf7-a1c5-4fea33073826}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d181359-dab3-4277-91cf-4bc842b0157b}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d181359-dab3-4277-91cf-4bc842b0157b}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{519ab401-332b-4f4d-a623-3d01590aa0dd}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{519ab401-332b-4f4d-a623-3d01590aa0dd}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{665F9065-F091-4114-BAD3-5DCE33F9B16B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AE7C846-ED09-4C9E-A6F9-99CFD19482E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EA49436-BD35-402F-ABCD-B6B233FDF67B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B10478A8-5D82-43AE-A7F7-FECA4D52DD71}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dd158ab2-b664-40fc-b88a-1ffa074953a1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dd158ab2-b664-40fc-b88a-1ffa074953a1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f96d5ea9-c052-43f1-bd04-2f6faf8e3679}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f96d5ea9-c052-43f1-bd04-2f6faf8e3679}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_bpm-studio_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_bpm-studio_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_free-audio-editor_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_free-audio-editor_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77BEECE6-3997-403A-92FA-0055BFCF88E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90A1B331-C2B4-4933-9F63-BA7B84D60D58}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CEF5A3EF-2F71-468B-A2E5-777F09EFA4F5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DA282E8F-1D48-4A7B-A8BC-86A292F7B8A9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\entrusted11 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LyricsParty-16
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Found : HKLM\Software\MixiDJ_V44
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\Playbryte
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\SpeedyPC Software
Key Found : HKLM\Software\StartNow Toolbar
Key Found : HKLM\Software\visualbee
Key Found : HKLM\Software\Wajam
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01bfd945-5b85-4cf7-a1c5-4fea33073826}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01bfd945-5b85-4cf7-a1c5-4fea33073826}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d181359-dab3-4277-91cf-4bc842b0157b}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d181359-dab3-4277-91cf-4bc842b0157b}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{519ab401-332b-4f4d-a623-3d01590aa0dd}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{519ab401-332b-4f4d-a623-3d01590aa0dd}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dd158ab2-b664-40fc-b88a-1ffa074953a1}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dd158ab2-b664-40fc-b88a-1ffa074953a1}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f96d5ea9-c052-43f1-bd04-2f6faf8e3679}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f96d5ea9-c052-43f1-bd04-2f6faf8e3679}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{90A1B331-C2B4-4933-9F63-BA7B84D60D58}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{90A1B331-C2B4-4933-9F63-BA7B84D60D58}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchProtect]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [updater]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{90A1B331-C2B4-4933-9F63-BA7B84D60D58}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B278D9F8-0FA9-465E-9938-0C392605D8E3}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{90A1B331-C2B4-4933-9F63-BA7B84D60D58}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [startNowToolbarHelper]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : HKLM\SOFTWARE\mozilla\Firefox\Extensions [[email protected]]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720






-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\prefs.js ]



Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.InstallationThankYouPage", true);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.InstallationTime", 1382632823);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.active", true);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.addressbar", "NA");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.addressbarenhanced", "");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.asyncdb_dbWasSet", true);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.asyncdb_dbWasSet_FF25_FIX", true);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.asyncinternaldb_dbWasSet", true);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.backgroundver", 1);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.certdomaininstaller", "");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.changeprevious", false);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Daylight Time)")[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.cookie.InstallationTime.value", "1382632823");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.description", "LyricsParty will find any lyrics on YouTube and display\n them alongside the music [...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.domain", "");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.enablesearch", false);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.homepage", "");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.iframe", false);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Daylight[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22077E45AF0FAC47B796903024DB37B[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000580%22%2C%22sub_id%22%3A%22106[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22077E45AF0FAC47B79690[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Tim[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_appVer.value", "19");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standar[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_lastVersion.value", "1");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_meta.value", "%7B%7D");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_nextCheck.expiration", "Sun Nov 10 2013 23:27:21 GMT-0700 (Mountain Standard [...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_nextCheck.value", "true");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_queue.value", "%7B%7D");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain St[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Daylight Time)[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb._country_code_.value", "%22US%22");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Daylight Time)");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22077E45AF[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.monetization_plugin_last_executable_request.expiration", "Sun Nov 10 2013 21:50:03 GMT-[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//secure.oi-installer9.c[...]
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.lastDailyReport", "1384129641732");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.lastUpdate", "1384129639573");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.manifesturl", "");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.name", "LyricsParty-16");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.newtab", "");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.opensearch", "");

Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.pluginsversion", 15);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.publisher", "dealscompare");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.searchstatus", 0);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.setnewtab", false);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.thankyou", "");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.updateinterval", 360);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.ver", 19);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.apps", "44176");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.bic", "141eb56973bd0084782fc71631c372bb");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.cid", 44176);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.firstrun", false);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.hadappinstalled", true);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.installationdate", 1382632823);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.modetype", "production");
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.reportInstall", true);
Line Found : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.statsDailyCounter", 26);
Line Found : user_pref("extensions.crossrider.bic", "141eb56973bd0084782fc71631c372bb");


-\\ Google Chrome v

[ File : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : icon_url
Found : keyword
Found : homepage
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : urls_to_restore_on_startup
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : homepage
Found : urls_to_restore_on_startup
Found : homepage
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : urls_to_restore_on_startup
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword

*************************

AdwCleaner[R0].txt - [50151 octets] - [10/11/2013 18:47:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [50212 octets] ##########
 

[jraes71]

# AdwCleaner v3.012 - Report created 10/11/2013 at 18:51:03
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : jelli - JELLI-PC
# Running from : C:\Users\jelli\Downloads\adwcleaner(1).exe
# Option : Clean

***** [ Services ] *****

Service Deleted : CltMngSvc
Service Deleted : Updater Service for StartNow Toolbar
Service Deleted : WajamUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\Searchprotect
Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\SpeedyPC Software
Folder Deleted : C:\ProgramData\VisualBee
Folder Deleted : C:\Program Files (x86)\Amazon Browser Bar
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\Mysearchdial
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\StartNow Toolbar
Folder Deleted : C:\Program Files (x86)\Wajam
Folder Deleted : C:\Program Files (x86)\LyricsParty-16
Folder Deleted : C:\Program Files (x86)\entrusted11
Folder Deleted : C:\Program Files (x86)\MixiDJ_V44
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\jelli\AppData\Local\apn
Folder Deleted : C:\Users\jelli\AppData\Local\Babylon
Folder Deleted : C:\Users\jelli\AppData\Local\Conduit
Folder Deleted : C:\Users\jelli\AppData\Local\visualbeeexe
Folder Deleted : C:\Users\jelli\AppData\Local\Wajam
Folder Deleted : C:\Users\jelli\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\jelli\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\jelli\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\jelli\AppData\LocalLow\Playbryte
Folder Deleted : C:\Users\jelli\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\jelli\AppData\LocalLow\entrusted11
Folder Deleted : C:\Users\jelli\AppData\LocalLow\MixiDJ_V44
Folder Deleted : C:\Users\jelli\AppData\Roaming\Babylon
Folder Deleted : C:\Users\jelli\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\jelli\AppData\Roaming\Mysearchdial
Folder Deleted : C:\Users\jelli\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\jelli\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\jelli\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\jelli\AppData\Roaming\SpeedyPC Software
Folder Deleted : C:\Users\jelli\AppData\Roaming\StartNow Toolbar
Folder Deleted : C:\Users\jelli\AppData\Roaming\UpdaterEX
Folder Deleted : C:\Users\jelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings
Folder Deleted : C:\Users\jelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\jelli\Documents\PC Health Kit
Folder Deleted : C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\Extensions\2cdc03be-623f-472d-b42f-8ddee82a46dc@d40b0eaa-58ba-4e09-9ae6-37ca59633d47.com
Folder Deleted : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgei
Folder Deleted : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Deleted : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\kghaibkaafjfmcnfiokfdnijnkpeggam
Folder Deleted : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfboklmeiefoedekjeigdcnfbpjeaii
Folder Deleted : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcajpdcjfekhfnapaiphaecoajeollnc
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\windows\Tasks\UpdaterEX.job
File Deleted : C:\windows\System32\Tasks\UpdaterEX
File Deleted : C:\windows\Tasks\LyricsParty-16-chromeinstaller.job
File Deleted : C:\windows\System32\Tasks\LyricsParty-16-chromeinstaller
File Deleted : C:\windows\Tasks\LyricsParty-16-codedownloader.job
File Deleted : C:\windows\System32\Tasks\LyricsParty-16-codedownloader
File Deleted : C:\windows\Tasks\LyricsParty-16-enabler.job
File Deleted : C:\windows\System32\Tasks\LyricsParty-16-enabler
File Deleted : C:\windows\Tasks\LyricsParty-16-firefoxinstaller.job
File Deleted : C:\windows\System32\Tasks\LyricsParty-16-firefoxinstaller
File Deleted : C:\windows\Tasks\LyricsParty-16-updater.job
File Deleted : C:\windows\System32\Tasks\LyricsParty-16-updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\incfcgceegpikennjoplhfghaaikdgei
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Deleted : HKCU\Software\Google\Chrome\Extensions\bpfboklmeiefoedekjeigdcnfbpjeaii
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bpfboklmeiefoedekjeigdcnfbpjeaii
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pcajpdcjfekhfnapaiphaecoajeollnc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pcajpdcjfekhfnapaiphaecoajeollnc
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchProtect]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.BHO
Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [startNowToolbarHelper]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044176.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044176.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044176.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044176.Sandbox.1
Value Deleted : HKLM\SOFTWARE\mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298580
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3299568
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_bpm-studio_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_bpm-studio_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_free-audio-editor_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_free-audio-editor_RASMANCS
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [updater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{77BEECE6-3997-403A-92FA-0055BFCF88E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DA282E8F-1D48-4A7B-A8BC-86A292F7B8A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{90A1B331-C2B4-4933-9F63-BA7B84D60D58}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CEF5A3EF-2F71-468B-A2E5-777F09EFA4F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B0295E2-967E-439E-9560-807D9F625B57}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77BEECE6-3997-403A-92FA-0055BFCF88E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90A1B331-C2B4-4933-9F63-BA7B84D60D58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77BEECE6-3997-403A-92FA-0055BFCF88E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA282E8F-1D48-4A7B-A8BC-86A292F7B8A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90A1B331-C2B4-4933-9F63-BA7B84D60D58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{77BEECE6-3997-403A-92FA-0055BFCF88E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90A1B331-C2B4-4933-9F63-BA7B84D60D58}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DA282E8F-1D48-4A7B-A8BC-86A292F7B8A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CEF5A3EF-2F71-468B-A2E5-777F09EFA4F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01bfd945-5b85-4cf7-a1c5-4fea33073826}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d181359-dab3-4277-91cf-4bc842b0157b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{519ab401-332b-4f4d-a623-3d01590aa0dd}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dd158ab2-b664-40fc-b88a-1ffa074953a1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f96d5ea9-c052-43f1-bd04-2f6faf8e3679}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AE7C846-ED09-4C9E-A6F9-99CFD19482E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EA49436-BD35-402F-ABCD-B6B233FDF67B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B10478A8-5D82-43AE-A7F7-FECA4D52DD71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{665F9065-F091-4114-BAD3-5DCE33F9B16B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B278D9F8-0FA9-465E-9938-0C392605D8E3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{90A1B331-C2B4-4933-9F63-BA7B84D60D58}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{90A1B331-C2B4-4933-9F63-BA7B84D60D58}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{90A1B331-C2B4-4933-9F63-BA7B84D60D58}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{90A1B331-C2B4-4933-9F63-BA7B84D60D58}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01bfd945-5b85-4cf7-a1c5-4fea33073826}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d181359-dab3-4277-91cf-4bc842b0157b}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{519ab401-332b-4f4d-a623-3d01590aa0dd}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dd158ab2-b664-40fc-b88a-1ffa074953a1}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f96d5ea9-c052-43f1-bd04-2f6faf8e3679}
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SpeedyPC Software
Key Deleted : HKCU\Software\visualbee
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\LyricsParty-16
Key Deleted : HKCU\Software\AppDataLow\Software\entrusted11
Key Deleted : HKCU\Software\AppDataLow\Software\MixiDJ_V44
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\Playbryte
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\SpeedyPC Software
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\Software\visualbee
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\LyricsParty-16
Key Deleted : HKLM\Software\entrusted11
Key Deleted : HKLM\Software\MixiDJ_V44
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LyricsParty-16
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\entrusted11 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\prefs.js ]



Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.InstallationThankYouPage", true);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.InstallationTime", 1382632823);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.active", true);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.addressbar", "NA");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.addressbarenhanced", "");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.asyncdb_dbWasSet", true);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.asyncdb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.asyncinternaldb_dbWasSet", true);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.backgroundver", 1);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.certdomaininstaller", "");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.changeprevious", false);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Daylight Time)")[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.cookie.InstallationTime.value", "1382632823");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.description", "LyricsParty will find any lyrics on YouTube and display\n them alongside the music [...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.domain", "");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.enablesearch", false);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.homepage", "");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.iframe", false);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Daylight[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22077E45AF0FAC47B796903024DB37B[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000580%22%2C%22sub_id%22%3A%22106[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22077E45AF0FAC47B79690[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Tim[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_appVer.value", "19");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standar[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_lastVersion.value", "1");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_nextCheck.expiration", "Sun Nov 10 2013 23:27:21 GMT-0700 (Mountain Standard [...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain St[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Daylight Time)[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb._country_code_.value", "%22US%22");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Daylight Time)");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22077E45AF[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.monetization_plugin_last_executable_request.expiration", "Sun Nov 10 2013 21:50:03 GMT-[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//secure.oi-installer9.c[...]
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.lastDailyReport", "1384129641732");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.lastUpdate", "1384129639573");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.manifesturl", "");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.name", "LyricsParty-16");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.newtab", "");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.opensearch", "");

Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.pluginsversion", 15);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.publisher", "dealscompare");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.searchstatus", 0);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.setnewtab", false);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.thankyou", "");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.updateinterval", 360);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.44176.ver", 19);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.apps", "44176");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.bic", "141eb56973bd0084782fc71631c372bb");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.cid", 44176);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.firstrun", false);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.hadappinstalled", true);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.installationdate", 1382632823);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.modetype", "production");
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.reportInstall", true);
Line Deleted : user_pref("extensions.a2cdc03be623f472db42f8ddee82a46dcd40b0eaa58ba4e099ae637ca59633d47com44176.statsDailyCounter", 26);
Line Deleted : user_pref("extensions.crossrider.bic", "141eb56973bd0084782fc71631c372bb");


-\\ Google Chrome v

[ File : C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : homepage

*************************

AdwCleaner[R0].txt - [50537 octets] - [10/11/2013 18:47:02]
AdwCleaner[s0].txt - [47944 octets] - [10/11/2013 18:51:03]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [48005 octets] ##########
 

[flashh4]

Jraes, that was a ton ! We gonna clean this all up & make it run smooth !!

 

Post the logs as you get them !!

 

Chuck

[jraes71]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.11.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
jelli :: JELLI-PC [administrator]

11/10/2013 7:07:34 PM
mbam-log-2013-11-10 (19-07-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227166
Time elapsed: 34 minute(s), 57 second(s)

Memory Processes Detected: 4
C:\ProgramData\Updater\updater.exe (PUP.Optional.TubeDimmer) -> 2680 -> No action taken.
C:\ProgramData\RHelpers\CHROMEHELPER\CHROMEHELPER.EXE (PUP.Optional.Searchagent) -> 3720 -> No action taken.
C:\ProgramData\RHelpers\FIREFOXHELPER\FIREFOXHELPER.EXE (PUP.Optional.Searchagent) -> 5408 -> No action taken.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.Searchagent) -> 5788 -> No action taken.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 7
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TubeDimmer (PUP.Optional.TubeDimmer) -> No action taken.
HKCR\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54} (PUP.Optional.TubeDimmer) -> No action taken.
HKCR\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} (PUP.Optional.TubeDimmer) -> No action taken.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE} (PUP.Optional.Adpeak) -> No action taken.

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Updater (PUP.Optional.TubeDimmer) -> Data: C:\ProgramData\Updater\Updater.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Updater (PUP.Optional.TubeDimmer) -> Data: C:\ProgramData\Updater\updater.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}|DisplayName (PUP.Optional.Adpeak) -> Data: Level Quality Watcher -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 22
C:\ProgramData\TUBEDIMMER (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Firefox (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Firefox\chrome (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Firefox\chrome\content (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\IE (PUP.Optional.TubeDimmer) -> No action taken.
C:\Program Files (x86)\LEVEL QUALITY WATCHER (PUP.Optional.Adpeak) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3287811 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3287811\xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\plugins (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi\defaults (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi\defaults (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\RHelpers\CHROMEHELPER (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\FIREFOXHELPER (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> No action taken.

Files Detected: 116
C:\ProgramData\Updater\updater.exe (PUP.Optional.TubeDimmer) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\1989M6Tg.exe.part (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\air4E1C.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\airC2B5.exe (PUP.Optional.AdLyrics) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\airF69D.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\bZmMUfqy.exe.part (PUP.Optional.iBryte) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\checktbexist.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\f0v0yhv4.exe.part (PUP.Optional.AirInstaller) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\mOm3F0RD.exe.part (PUP.Optional.Smart) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsa7F06.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsa8A0E.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsaF23F.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsh5938.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nshF5E7.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsk5FDF.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nslDF0A.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsm62CC.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsmE84D.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsp6896.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsq4C8E.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\nsvBBB.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\QY70_eD_.exe.part (PUP.Optional.Smart) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\zJM04TxD.exe.part (PUP.Optional.AirInstaller) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3287811\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3287811\ffLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3287811\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3298580\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3298580\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3298580\ffLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3298580\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3298580\spch.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3298580\spff.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3298580\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3298580\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3299568\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3299568\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3299568\ffLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3299568\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3299568\spch.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3299568\spff.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3299568\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\ct3299568\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\is105010450\MySearchDialUpdate.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\is357113909\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\jelli\Downloads\Browser_Updater_01_8398.exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\jelli\Downloads\Firefox_Setup(1).exe (PUP.Optional.iBryte) -> No action taken.
C:\Users\jelli\Downloads\Firefox_Setup(2).exe (PUP.Optional.iBryte) -> No action taken.
C:\Users\jelli\Downloads\FlashPlayer__3650_i107210796_il73.exe (PUP.Optional.Amonetize.A) -> No action taken.
C:\Users\jelli\Downloads\FlvPlayerSetup.exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\jelli\Downloads\FPP_Setup.exe (PUP.Optional.AirInstaller) -> No action taken.
C:\Users\jelli\Downloads\Setup.exe (PUP.Optional.Firseria) -> No action taken.
C:\Users\jelli\Downloads\Updater_Setup(1).exe (PUP.Optional.iBryte) -> No action taken.
C:\Users\jelli\Downloads\Updater_Setup.exe (PUP.Optional.ExpressInstall.A) -> No action taken.
C:\Windows\Installer\6431d16.msi (PUP.Optional.Adpeak) -> No action taken.
C:\ProgramData\TUBEDIMMER\app.dat (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\TubeDimmer.ico (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Uninstall.exe (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\common.crx (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\_common.crx (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\announce.js (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\background.html (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\common.js (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\contentscript.js (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\icon.png (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\icon128.png (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\icon16.png (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\icon48.png (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\iframecontentscript.js (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\manifest.json (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Firefox\chrome.manifest (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Firefox\install.rdf (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Firefox\chrome\content\main.js (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\Firefox\chrome\content\overlay.xul (PUP.Optional.TubeDimmer) -> No action taken.
C:\ProgramData\TUBEDIMMER\IE\common.dll (PUP.Optional.TubeDimmer) -> No action taken.
C:\Program Files (x86)\LEVEL QUALITY WATCHER\LEVELQUALITYWATCHER64.EXE (PUP.Optional.Adpeak) -> No action taken.
C:\Program Files (x86)\LEVEL QUALITY WATCHER\LevelQualityWatcher32.exe (PUP.Optional.Adpeak) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3287811\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3287811\conduit.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3287811\CT3287811.xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3287811\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3287811\xpi\install.rdf (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\conduit.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\CT3298580.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\CT3298580.xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\initdata.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\manifest.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\version.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi\install.rdf (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi\defaults\PREFERENCES\defaults.js (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\conduit.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\CT3299568.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\CT3299568.xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\initData.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\manifest.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\version.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi\install.rdf (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi\defaults\PREFERENCES\defaults.js (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\RHelpers\CHROMEHELPER\ChromeHelper.exe (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\FIREFOXHELPER\FirefoxHelper.exe (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.Searchagent) -> No action taken.
C:\Users\jelli\AppData\Local\Temp\GetCC.dll (MSIL.Solimba) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\vbmz6.exe (MSIL.Solimba) -> Quarantined and deleted successfully.

(end)
 

[flashh4]

Now run Malwarebytes and Select remove all !!

 

Chuck

[jraes71]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.11.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
jelli :: JELLI-PC [administrator]

11/10/2013 7:49:49 PM
mbam-log-2013-11-10 (19-49-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227163
Time elapsed: 16 minute(s), 12 second(s)

Memory Processes Detected: 4
C:\ProgramData\Updater\updater.exe (PUP.Optional.TubeDimmer) -> 2680 -> Delete on reboot.
C:\ProgramData\RHelpers\CHROMEHELPER\CHROMEHELPER.EXE (PUP.Optional.Searchagent) -> 3720 -> Delete on reboot.
C:\ProgramData\RHelpers\FIREFOXHELPER\FIREFOXHELPER.EXE (PUP.Optional.Searchagent) -> 5408 -> Delete on reboot.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.Searchagent) -> 5788 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 7
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TubeDimmer (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
HKCR\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54} (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
HKCR\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE} (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Updater (PUP.Optional.TubeDimmer) -> Data: C:\ProgramData\Updater\updater.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Updater (PUP.Optional.TubeDimmer) -> Data: C:\ProgramData\Updater\Updater.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}|DisplayName (PUP.Optional.Adpeak) -> Data: Level Quality Watcher -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 22
C:\ProgramData\TUBEDIMMER (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Firefox (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Firefox\chrome (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Firefox\chrome\content (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\IE (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LEVEL QUALITY WATCHER (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3287811 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3287811\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\RHelpers\CHROMEHELPER (PUP.Optional.Searchagent) -> Delete on reboot.
C:\ProgramData\RHelpers\FIREFOXHELPER (PUP.Optional.Searchagent) -> Delete on reboot.
C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> Delete on reboot.

Files Detected: 114
C:\ProgramData\Updater\updater.exe (PUP.Optional.TubeDimmer) -> Delete on reboot.
C:\Users\jelli\AppData\Local\Temp\1989M6Tg.exe.part (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\air4E1C.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\airC2B5.exe (PUP.Optional.AdLyrics) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\airF69D.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\bZmMUfqy.exe.part (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\checktbexist.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\f0v0yhv4.exe.part (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\mOm3F0RD.exe.part (PUP.Optional.Smart) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsa7F06.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsa8A0E.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsaF23F.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsh5938.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nshF5E7.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsk5FDF.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nslDF0A.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsm62CC.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsmE84D.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsp6896.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsq4C8E.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\nsvBBB.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\QY70_eD_.exe.part (PUP.Optional.Smart) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\zJM04TxD.exe.part (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3287811\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3287811\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3287811\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3298580\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3298580\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3298580\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3298580\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3298580\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3298580\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3298580\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3298580\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3299568\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3299568\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3299568\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3299568\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3299568\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3299568\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3299568\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\ct3299568\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\is105010450\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\is105010450\MySearchDialUpdate.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\is357113909\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\jelli\Downloads\Browser_Updater_01_8398.exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\jelli\Downloads\Firefox_Setup(1).exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\Users\jelli\Downloads\Firefox_Setup(2).exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\Users\jelli\Downloads\FlashPlayer__3650_i107210796_il73.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\jelli\Downloads\FlvPlayerSetup.exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\jelli\Downloads\FPP_Setup.exe (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Users\jelli\Downloads\Setup.exe (PUP.Optional.Firseria) -> Quarantined and deleted successfully.
C:\Users\jelli\Downloads\Updater_Setup(1).exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\Users\jelli\Downloads\Updater_Setup.exe (PUP.Optional.ExpressInstall.A) -> Quarantined and deleted successfully.
C:\Windows\Installer\6431d16.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\app.dat (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\TubeDimmer.ico (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Uninstall.exe (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\common.crx (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\_common.crx (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\announce.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\background.html (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\common.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\contentscript.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\icon.png (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\icon128.png (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\icon16.png (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\icon48.png (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\iframecontentscript.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Chrome\unzip\manifest.json (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Firefox\chrome.manifest (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Firefox\install.rdf (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Firefox\chrome\content\main.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\Firefox\chrome\content\overlay.xul (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\ProgramData\TUBEDIMMER\IE\common.dll (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LEVEL QUALITY WATCHER\LEVELQUALITYWATCHER64.EXE (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LEVEL QUALITY WATCHER\LevelQualityWatcher32.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3287811\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3287811\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3287811\CT3287811.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3287811\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3287811\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\CT3298580.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\CT3298580.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\initdata.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3298580\xpi\defaults\PREFERENCES\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\CT3299568.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\CT3299568.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\initData.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\jelli\AppData\Local\Temp\CT3299568\xpi\defaults\PREFERENCES\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\RHelpers\CHROMEHELPER\ChromeHelper.exe (PUP.Optional.Searchagent) -> Delete on reboot.
C:\ProgramData\RHelpers\FIREFOXHELPER\FirefoxHelper.exe (PUP.Optional.Searchagent) -> Delete on reboot.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.Searchagent) -> Delete on reboot.

(end)
 

[flashh4]

Jraes, lets continue with the cleaning !! Your doing good so far !

 

 

 

 

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.


NEXT


Run RogueKiller

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again

Download RogueKiller to your desktop. >>> http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

    close all running programs
    for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
    when the prescan is finished, click on Scan
    click on Report and copy/paste the content in your next post.[/list
    If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next reply.


NEXT


Download DDS and save it to your Desktop.  >>> DDS


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.bleepingcomputer.com/sUBs/dds.com
 

 

 

Post Next:

1. SecurityCheck Log

2. RogueKiller Log

3. DDS logs (2)

 

Thanks

Chuck

 

Do not remove any tools/programs before i tell you, this is in case we need to re-run one or them !!

[jraes71]

Results of screen317's Security Check version 0.99.76  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 6 Update 45  
 Java version out of Date!
 Adobe Flash Player 11.9.900.117  
 Adobe Reader XI  
 Mozilla Firefox (25.0)
 Google Chrome 30.0.1599.101  
 Google Chrome 30.0.1599.69  
 Google Chrome plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

[jraes71]

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : jelli [Admin rights]
Mode : Scan -- Date : 11/10/2013 20:57:17
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[sUSP PATH] SmileboxTray.exe -- C:\Users\jelli\AppData\Roaming\Smilebox\SmileboxTray.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : SmileboxTray ("C:\Users\jelli\AppData\Roaming\Smilebox\SmileboxTray.exe" [7]) -> FOUND
[RUN][sUSP PATH] HKCU\[...]\Run : Updater (C:\ProgramData\Updater\updater.exe [x]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-920890388-3952254803-1851345295-1001\[...]\Run : SmileboxTray ("C:\Users\jelli\AppData\Roaming\Smilebox\SmileboxTray.exe" [7]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-920890388-3952254803-1851345295-1001\[...]\Run : Updater (C:\ProgramData\Updater\updater.exe [x]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 5 ¤¤¤
[V1][sUSP PATH] Arcadesafari.job : C:\Users\jelli\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [-] -> FOUND
[V1][sUSP PATH] CandyUpdater.job : C:\Users\jelli\AppData\Local\ArcadeCandy\candyUpdater.exe [7] -> FOUND
[V2][sUSP PATH] Arcadesafari : C:\Users\jelli\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [-] -> FOUND
[V2][sUSP PATH] CandyUpdater : C:\Users\jelli\AppData\Local\ArcadeCandy\candyUpdater.exe [7] -> FOUND
[V2][sUSP PATH] VisualBeeRecovery : C:\Users\jelli\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe - /s [x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6400BPVT-75HXZT1 +++++
--- User ---
[MBR] 37cadad5b6437cdb9b4e5f51d306db1c
[bSP] c0cd953a18d31b3867b8430805f10cea : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_11102013_205717.txt >>



 

[jraes71]

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720  BrowserJavaVersion: 1.6.0_45
Run by jelli at 21:01:41 on 2013-11-10
.
============== Running Processes ================
.
C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.7\ccSvcHst.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\TechSmith\Jing\Jing.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\SysWOW64\mmrtkrnl.exe
C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
C:\Users\jelli\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\jelli\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Users\jelli\Downloads\RogueKiller.exe
C:\windows\SysWOW64\notepad.exe
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
.
============== Pseudo HJT Report ===============
.


mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: ScorpionSaver: {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll
BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: ArcadeCandy Games: {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\jelli\AppData\Local\ArcadeCandy\candyEX.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Querius Search Bar: {edb8602e-fa77-4d58-ab9f-97ac1f6ee12f} -
BHO: PowerInbox: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\Program Files (x86)\PowerInbox\PowerInbox\PowerInboxBHO.dll
BHO: Norton Safe Web Lite BHO: {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Safe Web Lite: {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll
TB: Querius Search Bar: {edb8602e-fa77-4d58-ab9f-97ac1f6ee12f} -
TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
uRun: [Facebook Update] "C:\Users\jelli\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "C:\Users\jelli\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe
uRun: [smileboxTray] "C:\Users\jelli\AppData\Roaming\Smilebox\SmileboxTray.exe"
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [updater] C:\ProgramData\Updater\updater.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [TaskTray] <no file>
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
dRun: [searchProtect] \SearchProtect\bin\cltmng.exe
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll






TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0618027E-F00E-44D4-9CDA-608B75FC2EDD} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0618027E-F00E-44D4-9CDA-608B75FC2EDD}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{0618027E-F00E-44D4-9CDA-608B75FC2EDD}\C4974696165333 : DHCPNameServer = 67.215.21.202 72.21.70.3
TCP: Interfaces\{0618027E-F00E-44D4-9CDA-608B75FC2EDD}\C4F46554C4C4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0618027E-F00E-44D4-9CDA-608B75FC2EDD}\E4164796F6E616C693F533 : DHCPNameServer = 69.145.232.32 69.144.49.29
TCP: Interfaces\{0618027E-F00E-44D4-9CDA-608B75FC2EDD}\E4164796F6E616C693F543 : DHCPNameServer = 69.145.232.32 69.144.49.29
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>

x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: PowerInbox: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\Program Files (x86)\PowerInbox\PowerInbox\PowerInboxBHO64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll



x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Users\jelli\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll
FF - plugin: C:\Users\jelli\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\jelli\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Users\jelli\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R? androidusb;SAMSUNG Android Composite ADB Interface Driver
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? GamesAppService;GamesAppService
R? McComponentHostService;McAfee Security Scan Component Host Service
R? NisDrv;Microsoft Network Inspection System
R? NisSrv;Microsoft Network Inspection
R? RdpVideoMiniport;Remote Desktop Video Miniport Driver
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? SkypeUpdate;Skype Updater
R? ssadbus;SAMSUNG Android USB Composite Device driver (WDM)
R? ssadmdfl;SAMSUNG Android USB Modem (Filter)
R? ssadmdm;SAMSUNG Android USB Modem Drivers
R? TsUsbFlt;TsUsbFlt
R? TsUsbGD;Remote Desktop Generic USB Device
R? USBAAPL64;Apple Mobile USB Driver
R? vToolbarUpdater17.1.0;vToolbarUpdater17.1.0
R? WatAdminSvc;Windows Activation Technologies Service
R? WDC_SAM;WD SCSI Pass Thru driver
R? wlcrasvc;Windows Live Mesh remote connections service
S? AdobeActiveFileMonitor;Adobe Active File Monitor
S? AESTFilters;Andrea ST Filters Service
S? AtherosSvc;AtherosSvc
S? avgtp;avgtp
S? BTATH_BUS;Atheros Bluetooth Bus
S? CtClsFlt;Creative Camera Class Upper Filter Driver
S? EpsonCustomerParticipation;EpsonCustomerParticipation
S? HECIx64;Intel® Management Engine Interface
S? IAStorDataMgrSvc;Intel® Rapid Storage Technology
S? Impcd;Impcd
S? IntcDAud;Intel® Display Audio
S? Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service
S? Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service
S? Level Quality Watcher;Level Quality Watcher
S? MBAMProtector;MBAMProtector
S? MBAMScheduler;MBAMScheduler
S? MBAMService;MBAMService
S? MpFilter;Microsoft Malware Protection Driver
S? NOBU;Dell DataSafe Online
S? NSL;Norton Safe Web Lite
S? PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service
S? PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect
S? PxHlpa64;PxHlpa64
S? QBVSS;QBIDPService
S? RTL8167;Realtek 8167 NT Driver
S? SftService;SoftThinks Agent Service
S? UNS;Intel® Management & Security Application User Notification Service
S? ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent
S? ZAtheros Wlan Agent;ZAtheros Wlan Agent
.
=============== Created Last 30 ================
.
2013-11-11 02:00:07    --------    d-----w-    C:\Users\jelli\AppData\Roaming\Registry Mechanic
2013-11-11 01:45:24    --------    d-----w-    C:\AdwCleaner
2013-11-10 16:59:36    75888    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD38A069-41DD-4461-A0B4-C3D48FBC4991}\offreg.dll
2013-11-10 16:50:12    10280728    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD38A069-41DD-4461-A0B4-C3D48FBC4991}\mpengine.dll
2013-11-07 20:46:14    10280728    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-06 20:23:31    965000    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-11-06 20:23:30    965000    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F7DB17B6-7C5F-4EA0-A607-83B97C7DCABD}\gapaengine.dll
2013-10-28 02:26:08    --------    d-----w-    C:\Users\jelli\AppData\Local\{799EF2A0-3AE8-4492-80C4-72B0608F6F24}
2013-10-25 01:15:16    --------    d-----w-    C:\Users\jelli\AppData\Local\assembly
2013-10-24 14:42:30    --------    d-----w-    C:\Program Files (x86)\Microsoft Security Client
2013-10-24 14:41:49    --------    d-----w-    C:\Program Files\Microsoft Security Client
2013-10-24 14:39:24    458712    ----a-w-    C:\windows\System32\drivers\cng.sys
2013-10-24 14:39:24    340992    ----a-w-    C:\windows\System32\schannel.dll
2013-10-24 14:39:24    247808    ----a-w-    C:\windows\SysWow64\schannel.dll
2013-10-24 14:39:24    154480    ----a-w-    C:\windows\System32\drivers\ksecpkg.sys
2013-10-24 14:39:24    1448448    ----a-w-    C:\windows\System32\lsasrv.dll
2013-10-24 14:39:23    96768    ----a-w-    C:\windows\SysWow64\sspicli.dll
2013-10-24 14:39:23    22016    ----a-w-    C:\windows\SysWow64\secur32.dll
2013-10-23 01:12:24    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCB8D2B1-48C0-4037-AFA9-BD18B3EB0BA5}\offreg.dll
2013-10-22 19:14:14    --------    d-----w-    C:\ProgramData\Updater
2013-10-22 19:14:14    --------    d-----w-    C:\ProgramData\RHelpers
2013-10-22 19:04:25    --------    d-----w-    C:\Users\jelli\AppData\Local\SySaver
2013-10-22 19:01:33    --------    d-----w-    C:\Program Files (x86)\ScorpionSaver
2013-10-22 19:01:20    --------    d-----w-    C:\temp
2013-10-22 18:56:11    --------    d-----w-    C:\Program Files (x86)\Flash Player Pro
2013-10-22 18:28:57    10280728    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCB8D2B1-48C0-4037-AFA9-BD18B3EB0BA5}\mpengine.dll
2013-10-19 21:32:49    --------    d-----w-    C:\Program Files\McAfee Security Scan
2013-10-19 17:32:21    --------    d-----w-    C:\Users\jelli\AppData\Roaming\Roxio Log Files
2013-10-18 21:23:51    --------    d-----w-    C:\Users\jelli\AppData\Local\WordOv
2013-10-18 21:23:40    --------    d-----w-    C:\Users\jelli\AppData\Local\VisualBeeClient
2013-10-18 18:16:21    99840    ----a-w-    C:\windows\System32\drivers\usbccgp.sys
2013-10-18 18:16:21    7808    ----a-w-    C:\windows\System32\drivers\usbd.sys
2013-10-18 18:16:21    52736    ----a-w-    C:\windows\System32\drivers\usbehci.sys
2013-10-18 18:16:21    343040    ----a-w-    C:\windows\System32\drivers\usbhub.sys
2013-10-18 18:16:21    325120    ----a-w-    C:\windows\System32\drivers\usbport.sys
2013-10-18 18:16:21    30720    ----a-w-    C:\windows\System32\drivers\usbuhci.sys
2013-10-18 18:16:20    25600    ----a-w-    C:\windows\System32\drivers\usbohci.sys
.
==================== Find3M  ====================
.
2013-10-10 21:19:43    45856    ----a-w-    C:\windows\System32\drivers\avgtpx64.sys
2013-10-10 14:53:29    71048    ------w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-10 14:53:29    692616    ------w-    C:\windows\SysWow64\FlashPlayerApp.exe
2013-09-22 23:28:06    1767936    ----a-w-    C:\windows\SysWow64\wininet.dll
2013-09-22 23:27:49    2876928    ----a-w-    C:\windows\SysWow64\jscript9.dll
2013-09-22 23:27:48    61440    ----a-w-    C:\windows\SysWow64\iesetup.dll
2013-09-22 23:27:48    109056    ----a-w-    C:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10    2241024    ----a-w-    C:\windows\System32\wininet.dll
2013-09-22 22:54:51    3959296    ----a-w-    C:\windows\System32\jscript9.dll
2013-09-22 22:54:50    67072    ----a-w-    C:\windows\System32\iesetup.dll
2013-09-22 22:54:50    136704    ----a-w-    C:\windows\System32\iesysprep.dll
2013-09-21 03:38:39    2706432    ----a-w-    C:\windows\System32\mshtml.tlb
2013-09-21 03:30:24    2706432    ----a-w-    C:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36    89600    ----a-w-    C:\windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47    71680    ----a-w-    C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10:19    497152    ----a-w-    C:\windows\System32\drivers\afd.sys
2013-09-08 02:30:37    1903552    ----a-w-    C:\windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14    327168    ----a-w-    C:\windows\System32\mswsock.dll
2013-09-08 02:03:58    231424    ----a-w-    C:\windows\SysWow64\mswsock.dll
2013-08-29 02:17:48    5549504    ----a-w-    C:\windows\System32\ntoskrnl.exe
2013-08-29 02:16:35    1732032    ----a-w-    C:\windows\System32\ntdll.dll
2013-08-29 02:16:28    243712    ----a-w-    C:\windows\System32\wow64.dll
2013-08-29 02:16:14    859648    ----a-w-    C:\windows\System32\tdh.dll
2013-08-29 02:13:28    878080    ----a-w-    C:\windows\System32\advapi32.dll
2013-08-29 01:51:45    3969472    ----a-w-    C:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45    3914176    ----a-w-    C:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31    5120    ----a-w-    C:\windows\SysWow64\wow32.dll
2013-08-29 01:50:30    1292192    ----a-w-    C:\windows\SysWow64\ntdll.dll
2013-08-29 01:50:16    619520    ----a-w-    C:\windows\SysWow64\tdh.dll
2013-08-29 01:48:17    640512    ----a-w-    C:\windows\SysWow64\advapi32.dll
2013-08-29 01:48:15    44032    ----a-w-    C:\windows\apppatch\acwow64.dll
2013-08-29 00:49:53    25600    ----a-w-    C:\windows\SysWow64\setup16.exe
2013-08-29 00:49:52    7680    ----a-w-    C:\windows\SysWow64\instnm.exe
2013-08-29 00:49:52    14336    ----a-w-    C:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49    2048    ----a-w-    C:\windows\SysWow64\user.exe
2013-08-28 01:21:06    3155968    ----a-w-    C:\windows\System32\win32k.sys
2013-08-28 01:12:33    461312    ----a-w-    C:\windows\System32\scavengeui.dll
.
============= FINISH: 21:04:02.85 ===============
 

[jraes71]

.
==== Installed Programs ======================
.
4500_G510gm_Help
4500G510gm
4500G510gm_Software_Min
64 Bit HP CIO Components Installer
Accidental Damage Services Agreement
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 3.0
Adobe Reader XI (11.0.05)
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
aioscnnr
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcadeCandy
Arcadesafari
Atheros Bluetooth Suite (64)
AVG SafeGuard toolbar
Banctec Service Agreement
Bejeweled 2 Deluxe
Blackhawk Striker 2
Bonjour
Bounce Symphony
BPM-Studio 4 Demo
BufferChm
Build-a-lot 2
C4USelfUpdater
Cake Mania
center
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
Coupon Printer for Windows
Cozi
CutePDF Writer 3.0
D3DX10
DealCabby
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Driver Download Manager
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell Stage Remote
Dell Support Center
Dell Touchpad
Dell VideoStage
Dell Webcam Central
Dell Wireless Driver Installation
Dell WLAN and Bluetooth Client Installation
Destinations
DeviceDiscovery
Digital Line Detect
Diner Dash 2 Restaurant Rescue
DocMgr
DocProc
Dora's World Adventure
Driver Performer
Dropbox
eBay
Epson Connect Printer Setup
EPSON Connect version 1.0
Epson Customer Participation
Epson E-Web Print
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Printer Finder
EPSON WF-2540 Series Printer Uninstall
EpsonNet Print
Escape Whisper Valley
essentials
Extended Update
Facebook Messenger 2.1.4814.0
Facebook Video Calling 1.2.0.287
Farm Frenzy
FATE
Fax
Final Drive Fury
Final Drive Nitro
Flash Player Pro V5.4
Free Audio Editor
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
Greeting Card Factory Deluxe 7.0
Hewlett-Packard ACLM.NET v1.1.0.0
HP Customer Participation Program 13.0
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP Officejet 4500 G510g-m
HP Product Detection
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
IDT Audio
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
iTunes
J2SE Runtime Environment 5.0
Java Auto Updater
Java 6 Update 24 (64-bit)
Java 6 Update 45
JDownloader 0.9
Jewel Quest
Jewel Quest Solitaire 2
Jing
Juniper Networks Host Checker
Juniper Networks Setup Client
Junk Mail filter update
Kodak AIO Printer
KODAK AiO Software
LTCM Client
Luxor
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
McAfee Security Scan Plus
Media Player
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
MixiDJ V44 Toolbar for IE
Modem Diagnostic Tool
Mozilla Firefox 25.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicnotes Player V1.32.2 and Viewer V1.19.0
Namco All-Stars PAC-MAN
Netwaiting
Network64
Norton Safe Web Lite
Norton Security Scan
ocr
OCR Software by I.R.I.S. 13.0
PC Tools Registry Mechanic 11.0
Penguins!
Plants vs. Zombies - Game of the Year
Poker Superstars III
Polar Bowler
Polar Golfer
PowerInbox
Premium Service Agreement
PreReq
Print Artist Photo Projects
PrintProjects
QualxServ Service Agreement
QuickBooks
QuickBooks Pro 2013
Quickset64
QuickTime
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Samantha Swift
SAMSUNG USB Driver for Mobile Phones
Scan
ScorpionSaver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64
Shop for HP Supplies
Skype Click to Call
Skypeâ„¢ 6.9
SmartWebPrinting
Smilebox
Software Updater
SolutionCenter
Status
swMSM
SySaver
The Weather Channel App
Toolbox
TrayApp
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
VisualBee for Microsoft PowerPoint
VitalSource Bookshelf
WebReg
Wedding Dash - Ready, Aim, Love!
WildTangent Games
WildTangent Games App (Dell Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Toolbar
Zuma Deluxe
.
==== End Of File ===========================
 

[flashh4]

Jraes .........

 

 

Open RogueKiller :     
* Quit all programs that you may have started.
* Please disconnect any USB or external drives from the computer before you run this scan!
* For Vista or Windows 7, right-click and select "Run as Administrator to start"
* For Windows XP, double-click to start.
* Wait until Prescan has finished ...
* Then Click on "Scan" button
* Wait until the Status box shows "Scan Finished"
* click on "delete"
* Wait until the Status box shows "Deleting Finished"
* Click on "Report" and copy/paste the content of the Notepad into your next reply.
* The log should be found in RKreport[1].txt on your Desktop
* Exit/Close RogueKiller

 

 

Post that log when done !!

 

Chuck

[jraes71]

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : jelli [Admin rights]
Mode : Remove -- Date : 11/10/2013 21:22:54
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[sUSP PATH] SmileboxTray.exe -- C:\Users\jelli\AppData\Roaming\Smilebox\SmileboxTray.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : SmileboxTray ("C:\Users\jelli\AppData\Roaming\Smilebox\SmileboxTray.exe" [7]) -> DELETED
[RUN][sUSP PATH] HKCU\[...]\Run : Updater (C:\ProgramData\Updater\updater.exe [x]) -> DELETED
[RUN][sUSP PATH] HKUS\S-1-5-21-920890388-3952254803-1851345295-1001\[...]\Run : SmileboxTray ("C:\Users\jelli\AppData\Roaming\Smilebox\SmileboxTray.exe" [7]) -> [0x2] The system cannot find the file specified.
[RUN][sUSP PATH] HKUS\S-1-5-21-920890388-3952254803-1851345295-1001\[...]\Run : Updater (C:\ProgramData\Updater\updater.exe [x]) -> [0x2] The system cannot find the file specified.
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> [0x2] The system cannot find the file specified.
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 5 ¤¤¤
[V1][sUSP PATH] Arcadesafari.job : C:\Users\jelli\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [-] -> DELETED
[V1][sUSP PATH] CandyUpdater.job : C:\Users\jelli\AppData\Local\ArcadeCandy\candyUpdater.exe [7] -> DELETED
[V2][sUSP PATH] Arcadesafari : C:\Users\jelli\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [-] -> DELETED
[V2][sUSP PATH] CandyUpdater : C:\Users\jelli\AppData\Local\ArcadeCandy\candyUpdater.exe [7] -> ERROR DELETING TASK
[V2][sUSP PATH] VisualBeeRecovery : C:\Users\jelli\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe - /s [x] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤
 

[flashh4]

Good Jraes, very good !

 

Brb with another fix !

 

 

Chuck

[flashh4]

Jraes, on to the next step !

 

 

Go to add/remove uninstall these if present !!

Javaâ„¢ 6 Update 24 (64-bit)
Javaâ„¢ 6 Update 45
AVG SafeGuard toolbar and anything with AVG in it !!

============================

 

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post ! 

 

 

 

Thanks

Chuck
 

[jraes71]

OTL logfile created on: 11/10/2013 9:42:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\jelli\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 32.26% Memory free
7.61 Gb Paging File | 4.54 Gb Available in Paging File | 59.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 446.59 Gb Free Space | 76.81% Space Free | Partition Type: NTFS
 
Computer Name: JELLI-PC | User Name: jelli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/11/10 21:40:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jelli\Downloads\OTL.com
PRC - [2013/11/06 15:02:53 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/01 15:29:06 | 029,769,432 | ---- | M] (Dropbox, Inc.) -- C:\Users\jelli\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/10/10 07:53:29 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013/10/01 05:57:18 | 001,182,536 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2013/10/01 05:55:16 | 001,185,096 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
PRC - [2013/10/01 04:42:44 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2013/08/14 11:56:52 | 013,103,104 | ---- | M] (The Weather Channel) -- C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/15 14:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2013/03/07 21:32:38 | 000,248,240 | ---- | M] (Facebook) -- C:\Users\jelli\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
PRC - [2013/01/15 12:07:42 | 002,750,840 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
PRC - [2013/01/15 12:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2013/01/07 13:56:16 | 002,909,640 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Jing\Jing.exe
PRC - [2012/08/18 17:55:30 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2012/03/28 16:56:20 | 000,077,824 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2012/03/08 18:47:18 | 000,159,360 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/02/29 15:47:32 | 000,863,360 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
PRC - [2012/02/29 15:47:30 | 000,502,912 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
PRC - [2012/02/01 11:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2012/01/26 16:07:52 | 001,058,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
PRC - [2012/01/04 22:24:50 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/01/04 22:24:50 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2011/09/06 10:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 08:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 08:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 10:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/02/25 20:54:00 | 000,046,592 | ---- | M] (AlcaTech) -- C:\Windows\SysWOW64\mmrtkrnl.exe
PRC - [2011/02/14 14:02:36 | 000,495,746 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2011/01/12 17:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/01/12 17:00:38 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.7\ccSvcHst.exe
PRC - [2010/07/02 02:10:28 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/07/02 02:10:24 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2007/08/25 00:03:20 | 000,185,664 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe
PRC - [2004/10/04 03:47:04 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
PRC - [2004/10/04 02:40:50 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/11/06 15:02:44 | 003,368,048 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/11/01 15:27:52 | 003,558,400 | ---- | M] () -- C:\Users\jelli\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/10/10 07:53:28 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/10/10 07:17:09 | 001,079,296 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\51ffeacb880d9c15fecc1c74f83e8973\System.IdentityModel.ni.dll
MOD - [2013/10/10 07:17:07 | 018,109,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\60608b811724b2711cb96817043c4dd8\System.ServiceModel.ni.dll
MOD - [2013/10/10 07:13:59 | 000,189,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\17e7f8ef847e92778b1bdd3886c268c9\System.Windows.Input.Manipulations.ni.dll
MOD - [2013/10/10 07:13:51 | 001,021,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\10ef07233e429503b5bc942aa6194fe8\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/10/10 07:13:51 | 000,393,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f58dc6b661c4fb91c68945da9b701135\System.Xml.Linq.ni.dll
MOD - [2013/10/10 07:13:50 | 002,659,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
MOD - [2013/10/10 07:13:26 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\46863d4abf7db3e009962abc8710c945\System.Runtime.Remoting.ni.dll
MOD - [2013/10/10 07:13:25 | 001,880,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\50ff73d7b2903b00d86f91eefa62d1c9\System.Deployment.ni.dll
MOD - [2013/10/10 07:09:54 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2013/10/10 07:01:03 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/10/10 07:00:49 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/10 07:00:42 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/10/10 07:00:32 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/10 07:00:28 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/09 19:53:14 | 018,003,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013/10/09 19:52:58 | 011,451,904 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013/10/09 19:52:51 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll
MOD - [2013/10/09 19:52:47 | 007,070,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013/10/09 19:52:40 | 003,858,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013/10/09 19:52:38 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013/10/01 05:56:22 | 000,141,640 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\QBMAPILibrary.dll
MOD - [2013/10/01 05:56:14 | 000,021,832 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\QBCompressor.DLL
MOD - [2013/10/01 05:55:56 | 000,042,824 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\mbpopup.dll
MOD - [2013/10/01 05:55:48 | 000,560,456 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\FeaturesBridge.DLL
MOD - [2013/10/01 05:55:48 | 000,415,560 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\FtuEngine.dll
MOD - [2013/10/01 05:55:30 | 000,176,968 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\boost_serialization-vc90-mt-p-1_33.dll
MOD - [2013/10/01 05:55:28 | 000,269,128 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\boost_regex-vc90-mt-p-1_33.dll
MOD - [2013/10/01 05:55:26 | 000,529,224 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\BackupLib.dll
MOD - [2013/10/01 04:56:24 | 000,128,328 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\QBProActiveCore.DLL
MOD - [2013/09/11 21:26:36 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/08/23 12:01:44 | 025,100,288 | ---- | M] () -- C:\Users\jelli\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/08/15 07:50:15 | 000,253,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\6a6925ae06bbe4b8e647e203597af47a\WindowsFormsIntegration.ni.dll
MOD - [2013/08/15 07:47:11 | 000,096,768 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4b2e892995b8cdefb1e2cddb96f32736\UIAutomationProvider.ni.dll
MOD - [2013/08/15 07:46:55 | 000,143,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll
MOD - [2013/08/15 07:46:47 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/08/15 07:43:00 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6c1d55eed243331c944206f8608fb850\IAStorUtil.ni.dll
MOD - [2013/08/15 06:29:45 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 06:29:28 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 06:29:19 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/14 21:18:47 | 000,595,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2013/08/14 21:18:40 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/08/14 21:18:34 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/08/14 21:18:32 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/07/11 13:09:47 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\571f0babf15ab38dc80829622caa99d3\IAStorCommon.ni.dll
MOD - [2013/07/11 12:03:51 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/11 12:02:36 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/11 10:06:21 | 000,196,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\cb5671235362c8e17b1a1f0b67bfc8d9\UIAutomationTypes.ni.dll
MOD - [2013/07/11 07:23:54 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/03/07 21:32:40 | 021,014,960 | ---- | M] () -- C:\Users\jelli\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
MOD - [2013/03/07 21:32:38 | 000,292,272 | ---- | M] () -- C:\Users\jelli\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
MOD - [2013/03/07 21:32:38 | 000,179,632 | ---- | M] () -- C:\Users\jelli\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
MOD - [2012/08/18 17:54:48 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Intuit\QuickBooks 2013\zlib1.dll
MOD - [2012/02/01 11:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2012/02/01 11:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2012/02/01 11:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/18 08:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2009/07/13 18:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2007/08/25 00:03:20 | 000,185,664 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/09/06 09:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/05/10 13:00:00 | 000,608,864 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2011/05/27 12:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/09/22 16:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/11/06 15:02:53 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/22 12:01:15 | 000,507,912 | ---- | M] () [Auto | Running] -- C:\windows\Installer\MSI38FB.tmp -- (Level Quality Watcher)
SRV - [2013/10/10 07:53:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/01 04:42:44 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/15 14:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/01/15 12:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012/08/18 17:55:30 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2012/08/18 17:55:02 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2012/03/28 16:56:20 | 000,077,824 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012/03/08 18:47:18 | 000,159,360 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012/03/08 18:25:30 | 000,107,648 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/01/04 22:24:50 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011/08/18 08:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/01/12 17:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.7\ccSvcHst.exe -- (NSL)
SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/25 18:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/07/02 02:10:28 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/07/02 02:10:24 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 11:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2004/10/04 03:47:04 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)
SRV - [2004/10/04 02:40:50 | 000,118,784 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -- (PhotoshopElementsDeviceConnect)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/10/10 14:19:43 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/06/18 20:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/21 20:43:02 | 002,808,832 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/03/08 18:34:06 | 000,030,848 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/27 12:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/31 20:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/25 19:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/20 09:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/01/12 15:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/29 15:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/15 02:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/19 01:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/26 17:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/18 04:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/11/01 10:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{58A31194-09D0-F4F1-ED58-09EA29129EB0}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=adkmsd&cd=2XzuyEtN2Y1L1QzutAzzyDzy0FzytDyE0CtA0EtAzzyC0DyEtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu&cr=1990894807&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{C8BFB880-B314-4F21-928E-C40C126E2791: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=adkmsd&cd=2XzuyEtN2Y1L1QzutAzzyDzy0FzytDyE0CtA0EtAzzyC0DyEtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu&cr=1990894807&ir=
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{56AA9076-F01B-E7F5-FDE8-595510203E62}: "URL" = http://www.amazon.com/websearch/ref=bit_bds-amzn_serp_ie_us_display?ie=UTF8&tag=bds-amzn-serp-us-ie-20&tagbase=bds-amzn&tbrId=v1_abb-channel-15_3557ee0f114c4bf086bd9aa3fd7eaf82_15_15_20120516_US_ie_ds_W7&query={searchTerms}
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{58A31194-09D0-F4F1-ED58-09EA29129EB0}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3299568&CUI=UN10252508861091313&UM=2
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPT_enUS446
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{C8BFB880-B314-4F21-928E-C40C126E2791}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298580&CUI=UN38144912322218329&UM=2
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z125&form=ZGAIDF&install_date=20111008&iesrc={referrer:source}
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{EC23C1C8-47E1-22F0-FF5D-CD82BE4273C8}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z208&form=ZGAIDF&install_date=20111123&iesrc={referrer:source}
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.43
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_45: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\jelli\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\jelli\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\jelli\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\jelli\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\jelli\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/21 09:41:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.7\coFFNST\ [2012/08/19 14:15:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013/08/09 07:52:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/06 15:02:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/06 15:02:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/21 09:41:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles/rzazx41w.default\extensions\[email protected]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\jelli\AppData\Local\ArcadeCandy\[email protected]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/06 15:02:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/06 15:02:38 | 000,000,000 | ---D | M]
 
[2011/11/04 16:30:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Extensions
[2013/10/24 09:31:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions
[2013/10/24 09:31:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}
[2013/10/24 09:30:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\[email protected]
[2013/11/06 13:12:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\extensions
[2013/10/24 11:21:55 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\extensions\[email protected]
[2013/11/06 15:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/11/06 15:02:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/10 21:37:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}
[2013/11/06 15:02:10 | 000,000,000 | ---D | M] (SySaver) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/11/06 15:02:14 | 000,000,000 | ---D | M] (WordOv) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/11/06 15:02:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/06 15:02:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/03/18 11:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 11:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/09/28 17:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmccegemkphdolhcemhdfmbinbhagmcn\1.1_0\
CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\
CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\lenicmgjbmpgagkhghjmkikfoljdcbhi\4.0_0\
CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfegheljpcijmdgonkecjpcaopjlpac\1.30.455_0\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120624185058.dll File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2:64bit: - BHO: (PowerInbox) - {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\Program Files (x86)\PowerInbox\PowerInbox\PowerInboxBHO64.dll (PowerInbox Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (ScorpionSaver) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120624185058.dll File not found
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (ArcadeCandy Games) - {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\jelli\AppData\Local\ArcadeCandy\candyEX.dll (ArcadeCandy LLC)
O2 - BHO: (Querius Search Bar) - {edb8602e-fa77-4d58-ab9f-97ac1f6ee12f} - C:\Program Files (x86)\querius_001\querius_001X.dll File not found
O2 - BHO: (PowerInbox) - {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\Program Files (x86)\PowerInbox\PowerInbox\PowerInboxBHO.dll (PowerInbox Inc.)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Querius Search Bar) - {edb8602e-fa77-4d58-ab9f-97ac1f6ee12f} - C:\Program Files (x86)\querius_001\querius_001X.dll File not found
O3:64bit: - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [Realtime Audio Engine] C:\windows\SysWow64\mmrtkrnl.exe (AlcaTech)
O4 - HKLM..\Run: [ReminderApp] C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe ()
O4 - HKLM..\Run: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [TaskTray]  File not found
O4 - HKU\.DEFAULT..\Run: [searchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-18..\Run: [searchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-920890388-3952254803-1851345295-1001..\Run: [DW7] C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe (The Weather Channel)
O4 - HKU\S-1-5-21-920890388-3952254803-1851345295-1001..\Run: [Facebook Update] C:\Users\jelli\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-920890388-3952254803-1851345295-1001..\Run: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\jelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\jelli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\jelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\jelli\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://access.halliburton.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0618027E-F00E-44D4-9CDA-608B75FC2EDD}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb6 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\intu-help-qb6 {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1b7f280f-eebb-11e0-973d-180373781f13}\Shell - "" = AutoRun
O33 - MountPoints2\{1b7f280f-eebb-11e0-973d-180373781f13}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{5ba9feed-46c3-11e1-a589-180373781f13}\Shell - "" = AutoRun
O33 - MountPoints2\{5ba9feed-46c3-11e1-a589-180373781f13}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{5c940b79-e303-11e0-8ba8-180373781f13}\Shell - "" = AutoRun
O33 - MountPoints2\{5c940b79-e303-11e0-8ba8-180373781f13}\Shell\AutoRun\command - "" = F:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\{7e2a1027-7cee-11e1-a796-180373781f13}\Shell - "" = AutoRun
O33 - MountPoints2\{7e2a1027-7cee-11e1-a796-180373781f13}\Shell\AutoRun\command - "" = F:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\{f0c76af4-d87c-11e0-a58a-180373781f13}\Shell - "" = AutoRun
O33 - MountPoints2\{f0c76af4-d87c-11e0-a58a-180373781f13}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/11/10 20:54:39 | 000,000,000 | ---D | C] -- C:\Users\jelli\Desktop\RK_Quarantine
[2013/11/10 19:00:07 | 000,000,000 | ---D | C] -- C:\Users\jelli\AppData\Roaming\Registry Mechanic
[2013/11/10 18:45:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/06 15:02:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/10/30 20:14:46 | 000,000,000 | ---D | C] -- C:\Users\jelli\Documents\Intro Curriculum
[2013/10/29 11:49:36 | 000,000,000 | ---D | C] -- C:\Users\jelli\Documents\Shooting Star Academy Assessment
[2013/10/27 19:26:08 | 000,000,000 | ---D | C] -- C:\Users\jelli\AppData\Local\{799EF2A0-3AE8-4492-80C4-72B0608F6F24}
[2013/10/24 18:15:16 | 000,000,000 | ---D | C] -- C:\Users\jelli\AppData\Local\assembly
[2013/10/24 08:53:33 | 000,000,000 | ---D | C] -- C:\Users\jelli\Desktop\Old Firefox Data
[2013/10/24 08:31:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/10/24 08:31:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/10/24 08:31:22 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RdpGroupPolicyExtension.dll
[2013/10/24 08:31:18 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpvideominiport.sys
[2013/10/24 08:31:17 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbGD.sys
[2013/10/24 08:31:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys
[2013/10/24 08:31:12 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2013/10/24 08:31:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll
[2013/10/24 08:31:12 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprtPS.dll
[2013/10/24 08:31:11 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2013/10/24 08:31:11 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpendp_winip.dll
[2013/10/24 08:31:11 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MsRdpWebAccess.dll
[2013/10/24 08:31:11 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2013/10/24 08:31:11 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wksprtPS.dll
[2013/10/24 08:31:10 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2013/10/24 08:31:10 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2013/10/24 08:31:10 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWbPrxy.exe
[2013/10/24 08:31:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsRdpWebAccess.dll
[2013/10/24 08:31:09 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpendp_winip.dll
[2013/10/24 08:31:08 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2013/10/24 08:31:08 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2013/10/24 08:31:07 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2013/10/24 08:31:07 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2013/10/24 08:31:06 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2013/10/24 08:31:06 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2013/10/24 07:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/10/24 07:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/10/24 07:39:24 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2013/10/22 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\jelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SySaver
[2013/10/22 12:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
[2013/10/22 12:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers
[2013/10/22 12:04:25 | 000,000,000 | ---D | C] -- C:\Users\jelli\AppData\Local\SySaver
[2013/10/22 12:01:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
[2013/10/22 12:01:20 | 000,000,000 | ---D | C] -- C:\temp
[2013/10/22 11:56:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
[2013/10/22 11:56:11 | 000,000,000 | ---D | C] -- C:\Users\jelli\Documents\Flash Player Pro
[2013/10/22 11:56:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flash Player Pro
[2013/10/19 14:32:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/10/19 14:32:49 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2013/10/19 10:32:21 | 000,000,000 | ---D | C] -- C:\Users\jelli\AppData\Roaming\Roxio Log Files
[2013/10/18 14:23:51 | 000,000,000 | ---D | C] -- C:\Users\jelli\AppData\Local\WordOv
[2013/10/18 14:23:40 | 000,000,000 | ---D | C] -- C:\Users\jelli\AppData\Local\VisualBeeClient
[2013/10/18 11:16:21 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2013/10/18 11:16:21 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[3 C:\Users\jelli\AppData\Local\*.tmp files -> C:\Users\jelli\AppData\Local\*.tmp -> ]
[1 C:\Users\jelli\Documents\*.tmp files -> C:\Users\jelli\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/11/10 21:23:00 | 000,000,318 | ---- | M] () -- C:\windows\tasks\PrintProjects Communicator.job
[2013/11/10 21:14:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-920890388-3952254803-1851345295-1001UA.job
[2013/11/10 21:04:02 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/10 20:51:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/11/10 20:22:46 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/10 20:22:46 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/10 20:13:03 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/10 20:12:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/11/10 20:11:52 | 3062,902,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/10 19:42:04 | 000,000,928 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-920890388-3952254803-1851345295-1001UA.job
[2013/11/10 19:05:59 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/10 19:00:14 | 000,000,286 | ---- | M] () -- C:\windows\tasks\RMSchedule.job
[2013/11/10 18:00:00 | 000,000,492 | ---- | M] () -- C:\windows\tasks\SpeedyPC Registration3.job
[2013/11/10 17:19:59 | 304,273,246 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/11/10 11:14:00 | 000,000,856 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-920890388-3952254803-1851345295-1001Core.job
[2013/11/08 08:30:38 | 000,000,906 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-920890388-3952254803-1851345295-1001Core.job
[2013/11/08 08:20:10 | 000,783,354 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/11/08 08:20:10 | 000,663,472 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/11/08 08:20:10 | 000,122,308 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/11/08 08:17:33 | 000,000,464 | ---- | M] () -- C:\windows\tasks\SpeedyPC Update Version3.job
[2013/11/06 13:18:06 | 002,303,858 | ---- | M] () -- C:\Users\jelli\Documents\pub15 tax guide.pdf
[2013/11/04 06:14:08 | 000,000,452 | -H-- | M] () -- C:\windows\tasks\Norton Security Scan for jelli.job
[2013/11/03 15:50:51 | 000,001,053 | ---- | M] () -- C:\Users\jelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/11/03 15:50:15 | 000,001,021 | ---- | M] () -- C:\Users\jelli\Desktop\Dropbox.lnk
[2013/10/30 18:27:59 | 001,079,038 | ---- | M] () -- C:\Users\jelli\Documents\Standards_2003_Early_Childhood_Readiness.pdf
[2013/10/25 02:03:04 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/10/24 05:15:53 | 000,600,272 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/10/22 11:56:15 | 000,001,121 | ---- | M] () -- C:\Users\jelli\Desktop\Flash Player Pro.lnk
[2013/10/22 11:15:49 | 000,000,420 | ---- | M] () -- C:\windows\tasks\SpeedyPC Pro.job
[2013/10/19 14:32:55 | 000,001,941 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/10/19 14:32:55 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/10/18 19:07:49 | 000,002,368 | ---- | M] () -- C:\Users\jelli\Desktop\Google Chrome.lnk
[2013/10/15 11:32:19 | 000,000,090 | ---- | M] () -- C:\windows\QBChanUtil_Trigger.ini
[3 C:\Users\jelli\AppData\Local\*.tmp files -> C:\Users\jelli\AppData\Local\*.tmp -> ]
[1 C:\Users\jelli\Documents\*.tmp files -> C:\Users\jelli\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/11/06 13:17:59 | 002,303,858 | ---- | C] () -- C:\Users\jelli\Documents\pub15 tax guide.pdf
[2013/10/30 18:27:59 | 001,079,038 | ---- | C] () -- C:\Users\jelli\Documents\Standards_2003_Early_Childhood_Readiness.pdf
[2013/10/24 08:29:42 | 000,001,945 | ---- | C] () -- C:\windows\epplauncher.mif
[2013/10/24 07:43:24 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/10/22 11:56:15 | 000,001,121 | ---- | C] () -- C:\Users\jelli\Desktop\Flash Player Pro.lnk
[2013/10/10 14:20:32 | 000,003,726 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/07/08 09:56:56 | 000,000,090 | ---- | C] () -- C:\windows\QBChanUtil_Trigger.ini
[2013/06/24 11:03:14 | 000,205,192 | ---- | C] () -- C:\windows\hpwins26.dat
[2012/07/05 20:47:06 | 004,489,216 | ---- | C] () -- C:\Users\jelli\s-1-5-21-920890388-3952254803-1851345295-1001.rrr
[2012/04/17 16:01:03 | 000,000,209 | ---- | C] () -- C:\windows\ODBCINST.INI
[2011/11/23 13:53:09 | 000,002,217 | ---- | C] () -- C:\ProgramData\repository.xml
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012/07/23 13:43:16 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Temp
[2012/07/23 13:43:16 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Temp
[2012/05/16 14:42:48 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\AlcaTech
[2013/11/10 20:17:30 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Dropbox
[2013/08/08 08:13:35 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Epson
[2012/02/24 07:34:55 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Fingertapps
[2012/05/16 15:55:14 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Free Audio Editor
[2011/09/03 11:58:50 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\IDT
[2012/12/27 09:54:54 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Juniper Networks
[2013/08/09 20:29:02 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Leader Technologies
[2013/07/29 12:51:37 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Musicnotes
[2012/01/23 06:39:13 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Product_RM
[2013/11/10 19:00:07 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Registry Mechanic
[2013/11/03 13:54:16 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Smilebox
[2012/02/26 19:05:05 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Temp
[2012/02/27 07:09:03 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Visan
[2012/09/21 11:55:38 | 000,000,000 | ---D | M] -- C:\Users\jelli\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:D346F792
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

[jraes71]

OTL Extras logfile created on: 11/10/2013 9:42:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\jelli\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 32.26% Memory free
7.61 Gb Paging File | 4.54 Gb Available in Paging File | 59.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 446.59 Gb Free Space | 76.81% Space Free | Partition Type: NTFS
 
Computer Name: JELLI-PC | User Name: jelli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0011CC71-25EB-4733-9EE7-D104C64A285C}" = lport=138 | protocol=17 | dir=in | app=system |
"{0FE96216-B6C2-41C9-9E99-15F333023A24}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1194F7DD-8401-4EE1-BA7E-E756181C2B33}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1555ACE5-0C11-41CE-8ADC-080E4A1160B6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17AE427A-DB32-48B0-AE4B-3DDD73D2218F}" = rport=445 | protocol=6 | dir=out | app=system |
"{17C1F239-7762-4D86-BA55-8516F7604194}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1EAEC28A-E3C4-4629-9170-0CC543EACA85}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2954753C-AB88-418E-99A1-86D17AF72B7D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{3120B342-A7DC-4D66-8C38-DB309B0C149D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{3A429792-36B7-4477-AD69-55CBFD151CC5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4306A162-98F1-40CC-9D4A-CCAB6E683254}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{501BB473-5E4D-47C1-8E98-092DBBC4F763}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56F58FBA-0464-4AA2-A1E9-9D3B8D7526FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6DD70841-AB6E-4762-B6D8-1D49EE43D3AF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{73A38199-247A-4682-9391-E45F5D709E9D}" = rport=139 | protocol=6 | dir=out | app=system |
"{7E69C9C1-C1C5-4A2A-8CC1-A0D619E54ADF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{828263EB-DEFB-41EB-941D-A28CE4A32D7B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{935D826D-11EA-4B20-BD42-AE4344405B9D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{940C5F28-A4E0-42EC-AA55-4CDDC2ECFD31}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{95F77BD5-CD13-4509-B61F-60271FC6CB05}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{9DEF80DA-C1F3-4EC7-B20B-54562578A9DE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{A59DEFE7-4C2E-4388-852D-552C34467BB2}" = lport=137 | protocol=17 | dir=in | app=system |
"{BD7C102C-6267-4B89-8AD8-ED4247BDD647}" = rport=137 | protocol=17 | dir=out | app=system |
"{C7C1ED2B-F394-46C7-A28A-5BEDCB3660A5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C8A3A40F-98DD-4812-AD61-07FACE2E5218}" = lport=445 | protocol=6 | dir=in | app=system |
"{CFADAD73-400B-46F2-A9CF-4556148746FA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D76086E0-78CA-4A02-B840-A4BE30ED5CC5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB0FC44C-323F-47D4-A59D-F5EDEB1AB599}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{DEEE6DE5-BA8E-4985-89B4-FA5E3F40695D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EC5DFD3D-0A52-472A-8163-7DDD8B262A98}" = rport=138 | protocol=17 | dir=out | app=system |
"{F879BEDC-4249-4019-A726-98894DB9E062}" = lport=139 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0207C0F6-3FF8-4404-95B9-790B45BC4174}" = protocol=1 | dir=in | [email protected],-28543 |
"{0374B80F-47A9-40B3-B22A-58F2711D7C7A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{054EFB32-D035-40D8-88A5-26E5072609C2}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{069E89DF-2EC5-4389-8348-DBB29F50DED4}" = protocol=6 | dir=in | app=c:\users\jelli\appdata\roaming\dropbox\bin\dropbox.exe |
"{105B9039-380E-446F-9777-1A0CA0F0F9B4}" = protocol=6 | dir=in | app=c:\users\jelli\appdata\local\temp\7zs6047\hpdiagnosticcoreui.exe |
"{120AC707-DDE3-4731-A2E1-C54A725ED6D4}" = protocol=17 | dir=in | app=c:\users\jelli\appdata\local\temp\7zs6b39\hpdiagnosticcoreui.exe |
"{17EFCC9E-73B2-4FE6-B649-5CD4703C259C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{1A1B6332-E746-4E6F-B0DD-61FFAABC135B}" = protocol=17 | dir=in | app=c:\users\jelli\appdata\local\temp\7zs6047\hpdiagnosticcoreui.exe |
"{236DAEC7-8090-41B0-9554-C393D6FEB0BF}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{23A7408B-1366-47CC-AE98-BED3DB186118}" = protocol=1 | dir=out | [email protected],-28544 |
"{2403E100-E9A6-407F-BF7C-9DF72ED1ACBB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{2BACA521-A1DA-4F18-90E5-E5A3E29EC341}" = protocol=6 | dir=out | app=system |
"{2C83BD25-27CA-42D3-B709-75D517E2AAE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{31D7D073-6E4F-43AE-8205-A63392E5846C}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{437725CC-3303-49B9-BAC8-53F44C4F9CC9}" = protocol=17 | dir=in | app=d:\common\epsonnet setup\eneasyapp.exe |
"{4685D5EF-2B44-4DDA-94C6-DF23640087F0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{4A6A855F-D578-4A56-A1B3-0FFF1316BC1E}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{51C498FC-3CF3-4DAE-91E6-3768A980A30F}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{569B10CF-6517-4C25-BFEA-6D08052F4306}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{587AEEFD-58D1-487A-819C-858FE052D19B}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{5B9E5E74-9E3F-47C5-8815-8C9969921CCF}" = protocol=58 | dir=out | [email protected],-28546 |
"{60E141A1-4831-41EC-B6D0-AFB5230DE359}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{614A086F-D163-41D6-A147-BAEAD7D94FED}" = protocol=58 | dir=in | [email protected],-28545 |
"{62CA1D06-13E6-45BB-859C-31B984EE8153}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65115D00-1176-4596-9FF7-CF87EEA6281E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{6904BF28-4F06-435E-9402-104D1D347AFC}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{6C307DB1-37CC-42CB-8A68-C394E78A2925}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6D845455-3739-4106-96F9-6C2F888EDCA0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{710E3578-476B-45AD-B622-DFBE22185E89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{76BE4C56-4AAF-4069-BACD-C1E7AD7FFDBD}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{7932E544-B206-49B2-8500-C399AEE1FEA4}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{79BF2FB8-54BD-4FDF-BDAB-2210BBDFE795}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7DB5C4D1-1AF5-4052-BF7F-674A996D7A32}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{807D088C-7AEB-456A-A449-10FEE2EF703A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{80B2BA63-269F-4633-9E3F-9A546BD63903}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{80F8835B-52BB-464C-98F3-FCD8BD40E3ED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{84C4FA7B-B785-40C8-9962-3DBBA0F4B2A7}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"{85F65D26-26A1-4F95-B577-E6837CFEFEAD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8687E239-3BC6-46F0-B29A-5F1D07D95254}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{882467FC-A959-49DB-9AD9-E2D6AD8D6F2C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8860C4FA-F16B-490E-8993-D71CB06D0D1F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8C5FA93F-7E7D-4746-83D0-54E509C06E74}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{8E0E2D05-A71C-4793-9EEF-5E7B31A057C4}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{91F16ECB-833D-438B-8186-EAC3ECC4D0C3}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{934B61C1-B3F2-4568-B07F-C367C7C3BE7B}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"{967236B7-066C-476E-AB13-F36852435B99}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{981512E3-01E9-4A29-84D0-24DC5FD022C8}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{9B1DB401-9324-4083-8653-663D881C0439}" = protocol=6 | dir=in | app=d:\common\epsonnet setup\eneasyapp.exe |
"{9E151802-9C13-486C-9BBF-516D4B6B51C2}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{9F9EABBC-A116-45FB-AF57-4C036480FBB3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{A1E2D3EA-A4CA-4D28-8F8A-29905AA7065D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A3F9332C-F2C9-499C-966C-11D7CB9AB0F7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A6F4182C-243E-4E5D-A14E-737B5CC5FFCA}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{AA1BE45C-D8D7-4441-836F-6A03E4248903}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{AB918970-E099-4772-8FD4-79663A4A1802}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ABFEFFD7-184A-47C3-AD2F-BBDC3734F877}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{AE2FFADF-A587-4D0C-B026-77F6C0C37E2F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{AF2712ED-E669-4106-9373-2F4486C3800B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B1FF40CC-21D9-4907-AC8F-36FA9CAC7B86}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{B52E3D48-7BC5-4F72-9CCF-A7EEF39286AC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{B5A267D5-7624-4989-BFFE-54FF50C7B522}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B6F1DC52-8507-4E3F-A0D2-CAF11C96D2B5}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{B8609649-728C-41C7-A34E-A61320F21A38}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{BFE729BD-37EE-4E6A-B61B-142F31C7448F}" = protocol=17 | dir=in | app=c:\users\jelli\appdata\roaming\dropbox\bin\dropbox.exe |
"{C1AF6FF5-8DF3-4FE8-8BA8-0A337C556760}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C22DDCF8-C6F3-44B6-9EF0-7DE78E1A28A7}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C498F287-DB6E-448F-BDF8-4541BD7FA0B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C69AE049-63D6-4568-A791-33F085128852}" = protocol=6 | dir=in | app=c:\users\jelli\appdata\local\temp\7zs6b39\hpdiagnosticcoreui.exe |
"{C6E01718-4514-4864-9FA7-0CBDF1E7A25A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D4F8221C-53BA-4809-ADF7-16724DFB7844}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{D5F935C3-1FA7-4BAB-91AE-F477517262E3}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{D8FAF362-ECA3-4BC0-A2D9-199F551ED5E8}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{D97F0A39-4090-4402-AC0D-FA23193B96FF}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{E06C3AAF-FD90-4306-A4C0-9AF8736D7912}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E5083AA1-8D85-4355-AA01-EDD85638AD3B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E6743D1D-CB05-45D6-9D78-FAE68E496521}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{E7DE26A0-6DC8-4361-9564-14A48DBCDABD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{E8C3104B-EB3B-4DFB-AE24-F8C1550DC8B2}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{EB0AB61B-20A1-4812-8509-40673AD9194E}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{ECA8BFD9-1441-4AB6-84DD-A6086A4E50E3}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{EDA52CF5-85DD-4049-884B-D36866CC7112}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F1470A26-7C29-40AE-A91C-2F41A7988562}" = dir=in | app=c:\users\jelli\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{F19DA9DA-9876-45E0-A02B-484FCD7FC723}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F20BC4CB-94BD-4FBE-90F5-FEFDC3C36173}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{F351A75D-FB68-43A0-9DB6-4F0A64981129}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{F52C85B6-A792-4981-9B09-F22A7422AC9E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCE60936-82BF-4473-B669-95BC3916E9DC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"TCP Query User{6F4CFCC2-A489-41F6-B1BD-DE2515E54F73}C:\users\jelli\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\jelli\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{8FF79A31-FFCB-4685-8EE5-21515CD5313D}C:\program files (x86)\downloadmanager\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\downloadmanager\jre\bin\javaw.exe |
"TCP Query User{EB2B19EB-29EE-41F4-9154-96BED42C0578}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{3F77D36A-C588-4975-8CA1-13B047F1B19D}C:\users\jelli\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\jelli\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{62757850-DCB8-4596-AD1A-6D7C5C16F67B}C:\program files (x86)\downloadmanager\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\downloadmanager\jre\bin\javaw.exe |
"UDP Query User{E1DC2B3B-C824-473D-B20B-4D7488EB4E28}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0335701D-8E28-4A7F-B0EF-312974755BB2}" = Modem Diagnostic Tool
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D26D58C-3464-4C03-BB61-5695F984EFEF}" = Microsoft Security Client
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5083D57-D93F-404C-A91F-1C50D67C2BEB}" = HP Officejet 4500 G510g-m
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CutePDF Writer Installation" = CutePDF Writer 3.0
"Dell Support Center" = Dell Support Center
"EPSON WF-2540 Series" = EPSON WF-2540 Series Printer Uninstall
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0D98F04D-11A1-4B64-A406-43292B9EEE90}" = Dell PhotoStage
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22800204-9E53-45C7-B6F3-5BB0F1C1A147}" = Jing
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{273E1F1A-7B1A-436C-A783-A4A8C97AD036}" = ScorpionSaver
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{28379381-B56A-43e1-B505-3098D82B1C30}" = 4500G510gm_Software_Min
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3167CC62-C775-4E47-92C1-73EBB845751A}" = QuickBooks
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C631966-387E-4054-85D9-BBFFABE32BD8}" = QuickBooks Pro 2013
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Netwaiting
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44F72193-F59C-4303-BAE8-E3E4BC1C122C}" = Epson Event Manager
"{451517F1-7E41-400B-AA36-FB7E2563526D}" = Dell Wireless Driver Installation
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skypeâ„¢ 6.9
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{55D6B4DA-50E9-47AF-99C1-9A8E3A234763}" = Greeting Card Factory Deluxe 7.0
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59716973-C123-4B46-B44B-36FCD9CEB8A3}" = Print Artist Photo Projects
"{5C611A82-13AF-4F32-A37E-BF81573A8065}" = PowerInbox
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{695C8469-7822-4B31-A673-5ED84815B649}" = Epson E-Web Print
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B3A525D-9D3D-4618-AE52-A31DE98C8AC3}" = Software Updater
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCB8F6D-33FC-4E79-8616-7BE5DF32A955}" = BPM-Studio 4 Demo
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{ACBF0550-A317-4C22-AC93-0DDB73087412}" = VitalSource Bookshelf
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}" = 4500G510gm
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF0B357C-5874-47D0-81E7-79AA890B0CE0}" = 4500_G510gm_Help
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F336F89D-8C5A-432C-8EA9-DA19377AD591}" = Dell MusicStage
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE182796-F6BA-486A-8590-89B7E8D1D60F}" = Dell Stage
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"DealCabby" = DealCabby
"Dell Webcam Central" = Dell Webcam Central
"Driver Performer_is1" = Driver Performer
"EPSON Connect_is1" = EPSON Connect version 1.0
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"Flash Player Pro_is1" = Flash Player Pro V5.4
"Free Audio Editor" = Free Audio Editor
"IECT3298580" = MixiDJ V44 Toolbar for IE
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"LTCM Client" = LTCM Client
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 25.0 (x86 en-US)" = Mozilla Firefox 25.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Musicnotes Player_is1" = Musicnotes Player V1.32.2 and Viewer V1.19.0
"NSS" = Norton Security Scan
"NST" = Norton Safe Web Lite
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PrintProjects" = PrintProjects
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"The Weather Channel App" = The Weather Channel App
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WT089409" = Bejeweled 2 Deluxe
"WT089410" = Blackhawk Striker 2
"WT089411" = Build-a-lot 2
"WT089412" = Cake Mania
"WT089413" = Chuzzle Deluxe
"WT089414" = Diner Dash 2 Restaurant Rescue
"WT089415" = Dora's World Adventure
"WT089418" = FATE
"WT089420" = Jewel Quest
"WT089422" = Jewel Quest Solitaire 2
"WT089426" = Poker Superstars III
"WT089430" = Virtual Villagers 4 - The Tree of Life
"WT089433" = Polar Golfer
"WT089434" = Escape Whisper Valley
"WT089440" = Namco All-Stars PAC-MAN
"WT089443" = Bounce Symphony
"WT089444" = Final Drive Nitro
"WT089445" = Penguins!
"WT089446" = Wedding Dash - Ready, Aim, Love!
"WT089448" = Zuma Deluxe
"WT089450" = Farm Frenzy
"WT089452" = Plants vs. Zombies - Game of the Year
"WT089499" = Final Drive Fury
"WT089503" = Samantha Swift
"WT089507" = Luxor
"WT089508" = Polar Bowler
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{6A2EF989-A524-48bf-985F-9D076B334980}" = ArcadeCandy
"Arcadesafari" = Arcadesafari
"bd4d3a0508d364f5" = Dell Driver Download Manager
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Media Player" = Media Player
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"Smilebox" = Smilebox
"SySaver" = SySaver
"UpdaterEX" = Extended Update
"VisualBee for Microsoft PowerPoint" = VisualBee for Microsoft PowerPoint
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11/10/2013 12:38:31 PM | Computer Name = jelli-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 11/10/2013 8:20:46 PM | Computer Name = JELLI-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.1.135:5353   18 135.1.168.192.in-addr.arpa.
 PTR jelli-PC-2.local.
 
Error - 11/10/2013 8:20:46 PM | Computer Name = JELLI-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding   16 135.1.168.192.in-addr.arpa.
 PTR jelli-PC.local.
 
Error - 11/10/2013 8:22:08 PM | Computer Name = jelli-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 11/10/2013 9:55:13 PM | Computer Name = jelli-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 11/10/2013 11:12:27 PM | Computer Name = jelli-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.1.135:5353   18 135.1.168.192.in-addr.arpa.
 PTR jelli-PC-2.local.
 
Error - 11/10/2013 11:12:27 PM | Computer Name = jelli-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding   16 135.1.168.192.in-addr.arpa.
 PTR jelli-PC.local.
 
Error - 11/10/2013 11:13:46 PM | Computer Name = jelli-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 11/10/2013 11:24:39 PM | Computer Name = jelli-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
 Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component
 version required by the application conflicts with another component version already
 active.  Conflicting components are:.  Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 11/10/2013 11:24:39 PM | Computer Name = jelli-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
 Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component
 version required by the application conflicts with another component version already
 active.  Conflicting components are:.  Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ Dell Events ]
Error - 9/3/2011 12:52:52 AM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 9/3/2011 12:52:52 AM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 9/5/2011 11:40:33 PM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 9/5/2011 11:40:33 PM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 9/18/2011 7:24:00 PM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 9/18/2011 7:24:00 PM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 9/25/2011 9:17:19 PM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 9/25/2011 9:17:19 PM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 10/23/2011 8:58:56 PM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 10/23/2011 8:58:56 PM | Computer Name = jelli-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
[ Media Center Events ]
Error - 8/24/2013 7:50:57 PM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 5:50:57 PM - Error connecting to the internet.  5:50:57 PM -     Unable
 to contact server..  
 
Error - 8/24/2013 7:51:08 PM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 5:51:02 PM - Error connecting to the internet.  5:51:02 PM -     Unable
 to contact server..  
 
Error - 8/24/2013 8:55:01 PM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 6:55:00 PM - Error connecting to the internet.  6:55:00 PM -     Unable
 to contact server..  
 
Error - 8/24/2013 8:55:20 PM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 6:55:06 PM - Error connecting to the internet.  6:55:06 PM -     Unable
 to contact server..  
 
Error - 8/24/2013 9:55:24 PM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 7:55:24 PM - Error connecting to the internet.  7:55:24 PM -     Unable
 to contact server..  
 
Error - 8/24/2013 9:55:31 PM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 7:55:29 PM - Error connecting to the internet.  7:55:29 PM -     Unable
 to contact server..  
 
Error - 9/20/2013 10:39:30 AM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 8:39:30 AM - Error connecting to the internet.  8:39:30 AM -     Unable
 to contact server..  
 
Error - 9/20/2013 10:39:49 AM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 8:39:36 AM - Error connecting to the internet.  8:39:36 AM -     Unable
 to contact server..  
 
Error - 11/7/2013 10:59:36 AM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 7:59:36 AM - Error connecting to the internet.  7:59:36 AM -     Unable
 to contact server..  
 
Error - 11/7/2013 10:59:58 AM | Computer Name = jelli-PC | Source = MCUpdate | ID = 0
Description = 7:59:42 AM - Error connecting to the internet.  7:59:42 AM -     Unable
 to contact server..  
 
[ System Events ]
Error - 11/10/2013 11:15:39 PM | Computer Name = jelli-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
Error - 11/10/2013 11:16:29 PM | Computer Name = jelli-PC | Source = Service Control Manager | ID = 7001
Description = The Windows Image Acquisition (WIA) service depends on the Shell Hardware
 Detection service which failed to start because of the following error:   %%1058
 
Error - 11/10/2013 11:16:29 PM | Computer Name = jelli-PC | Source = DCOM | ID = 10005
Description =
 
Error - 11/10/2013 11:16:30 PM | Computer Name = jelli-PC | Source = Service Control Manager | ID = 7001
Description = The Windows Image Acquisition (WIA) service depends on the Shell Hardware
 Detection service which failed to start because of the following error:   %%1058
 
Error - 11/10/2013 11:41:58 PM | Computer Name = jelli-PC | Source = PNRPSvc | ID = 102
Description =
 
Error - 11/10/2013 11:41:58 PM | Computer Name = jelli-PC | Source = PNRPSvc | ID = 102
Description =
 
Error - 11/10/2013 11:41:58 PM | Computer Name = jelli-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
 error:   %%-2140993535
 
Error - 11/10/2013 11:41:58 PM | Computer Name = jelli-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
Error - 11/10/2013 11:41:58 PM | Computer Name = jelli-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
 error:   %%-2140993535
 
Error - 11/10/2013 11:41:58 PM | Computer Name = jelli-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
 
< End of report >
 

[jraes71]

I hope you got these...chat with you in the morning to get this finished up. You have been great help thus far!! :-)

[flashh4]

Thanks Jraes, on with some more cleaning !

 

RKill

 

Vista and Win7 users need to right click and choose Run as Admin install to desk top !
You only need to get one of them to run, not all of them.

   1. rkill.exe  >>> http://download.bleepingcomputer.com/grinler/rkill.exe
   2. rkill.com >>>  http://download.bleepingcomputer.com/grinler/rkill.com
   3. rkill.scr  >>>  http://download.bleepingcomputer.com/grinler/rkill.scr

Post that log next !!

 

 

 

Thanks
Chuck

 

[flashh4]

Good morning Jraes, ready ? Lets clean some more. We are getting closer with the cleaning, then some installing we have to do !!

 

 

We need to Run an OTL fix !!

Warning: This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the .  text box of the OTL tool/program ! Start with and include the colon plus OTL . :OTL

:OTLIE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE:64bit:'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBoxIE:64bit:'>http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBoxIE:64bit: - HKLM\..\SearchScopes\{58A31194-09D0-F4F1-ED58-09EA29129EB0}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE:64bit:'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearc...ults.php?f=4&q={searchTerms}&a=adkmsd&cd=2XzuyEtN2Y1L1QzutAzzyDzy0FzytDyE0CtA0EtAzzyC0DyEtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu&cr=1990894807&ir=IE - HKLM\..\SearchScopes,DefaultScope =IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBoxIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKLM\..\SearchScopes\{C8BFB880-B314-4F21-928E-C40C126E2791: "URL" = http://start.mysearc...ults.php?f=4&q={searchTerms}&a=adkmsd&cd=2XzuyEtN2Y1L1QzutAzzyDzy0FzytDyE0CtA0EtAzzyC0DyEtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu&cr=1990894807&ir=IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SRIE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{56AA9076-F01B-E7F5-FDE8-595510203E62}: "URL" = http://www.amazon.co...ie_ds_W7&query={searchTerms}IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{58A31194-09D0-F4F1-ED58-09EA29129EB0}: "URL" = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3299568&CUI=UN10252508861091313&UM=2IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPT_enUS446IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{C8BFB880-B314-4F21-928E-C40C126E2791}: "URL" = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298580&CUI=UN38144912322218329&UM=2IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z125&form=ZGAIDF&install_date=20111008&iesrc={referrer:source}IE - HKU\S-1-5-21-920890388-3952254803-1851345295-1001\..\SearchScopes\{EC23C1C8-47E1-22F0-FF5D-CD82BE4273C8}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z208&form=ZGAIDF&install_date=20111123&iesrc={referrer:source}FF - user.js - File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not foundFF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found[2011/11/04 16:30:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Extensions[2013/10/24 09:31:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions[2013/10/24 09:31:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}[2013/10/24 09:30:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\[email protected][2013/11/06 13:12:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\extensions[2013/11/06 15:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[2013/11/06 15:02:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}[2013/11/10 21:37:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}[2013/11/06 15:02:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions[2011/03/18 11:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll[2011/03/18 11:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dllCHR - default_search_provider: search_url =CHR - default_search_provider: suggest_url =CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmccegemkphdolhcemhdfmbinbhagmcn\1.1_0\CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\lenicmgjbmpgagkhghjmkikfoljdcbhi\4.0_0\CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\CHR - Extension: No name found = C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfegheljpcijmdgonkecjpcaopjlpac\1.30.455_0\O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120624185058.dll File not foundO2:64bit: - BHO: (Javaâ„¢ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not foundO2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120624185058.dll File not foundO2 - BHO: (Querius Search Bar) - {edb8602e-fa77-4d58-ab9f-97ac1f6ee12f} - C:\Program Files (x86)\querius_001\querius_001X.dll File not foundO3 - HKLM\..\Toolbar: (Querius Search Bar) - {edb8602e-fa77-4d58-ab9f-97ac1f6ee12f} - C:\Program Files (x86)\querius_001\querius_001X.dll File not foundO4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" File not foundO4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not foundO4 - HKLM..\Run: [TaskTray]  File not foundO4 - HKU\.DEFAULT..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not foundO4 - HKU\S-1-5-18..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not foundO4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO1364bit: - gopher Prefix: missingO13 - gopher Prefix: missingO18:64bit: - Protocol\Handler\cozi - No CLSID value foundO18:64bit: - Protocol\Handler\intu-help-qb6 - No CLSID value foundO18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\ms-help - No CLSID value foundO18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\qbwc - No CLSID value foundO18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value foundO18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O33 - MountPoints2\{1b7f280f-eebb-11e0-973d-180373781f13}\Shell - "" = AutoRunO33 - MountPoints2\{1b7f280f-eebb-11e0-973d-180373781f13}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -aO33 - MountPoints2\{5ba9feed-46c3-11e1-a589-180373781f13}\Shell - "" = AutoRunO33 - MountPoints2\{5ba9feed-46c3-11e1-a589-180373781f13}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -aO33 - MountPoints2\{5c940b79-e303-11e0-8ba8-180373781f13}\Shell - "" = AutoRunO33 - MountPoints2\{5c940b79-e303-11e0-8ba8-180373781f13}\Shell\AutoRun\command - "" = F:\ToolLauncher-Bootstrap.exeO33 - MountPoints2\{7e2a1027-7cee-11e1-a796-180373781f13}\Shell - "" = AutoRunO33 - MountPoints2\{7e2a1027-7cee-11e1-a796-180373781f13}\Shell\AutoRun\command - "" = F:\ToolLauncher-Bootstrap.exeO33 - MountPoints2\{f0c76af4-d87c-11e0-a58a-180373781f13}\Shell - "" = AutoRunO33 - MountPoints2\{f0c76af4-d87c-11e0-a58a-180373781f13}\Shell\AutoRun\command - "" = E:\LaunchU3.exeO33 - MountPoints2\E\Shell - "" = AutoRunO33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe  :Commands[emptyjava][emptyflash][EMPTYTEMP][RESETHOSTS][CREATERESTOREPOINT][Reboot]

 

# Then click the Run Fix button at the top.
# Click
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

 

 

 

That took a lot of reading !!

Post me the fix log/report !!

 

 

Thanks

Chuck
 

[jraes71]

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{58A31194-09D0-F4F1-ED58-09EA29129EB0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58A31194-09D0-F4F1-ED58-09EA29129EB0}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C8BFB880-B314-4F21-928E-C40C126E2791: "URL" = http://start.mysearc...ults.php?f=4&q={searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C8BFB880-B314-4F21-928E-C40C126E2791: "URL" = http://start.mysearc...ults.php?f=4&q={searchTerms}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Internet Explorer\SearchScopes\{56AA9076-F01B-E7F5-FDE8-595510203E62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56AA9076-F01B-E7F5-FDE8-595510203E62}\ not found.
Registry key HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Internet Explorer\SearchScopes\{58A31194-09D0-F4F1-ED58-09EA29129EB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58A31194-09D0-F4F1-ED58-09EA29129EB0}\ not found.
Registry key HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C8BFB880-B314-4F21-928E-C40C126E2791}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C8BFB880-B314-4F21-928E-C40C126E2791}\ not found.
Registry key HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
Registry key HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}\ not found.
Registry key HKEY_USERS\S-1-5-21-920890388-3952254803-1851345295-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EC23C1C8-47E1-22F0-FF5D-CD82BE4273C8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EC23C1C8-47E1-22F0-FF5D-CD82BE4273C8}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}\defaults folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}\Chrome\CT3298580\content\tb\al\ac folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}\Chrome\CT3298580\content\tb\al folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}\Chrome\CT3298580\content\tb folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}\Chrome\CT3298580\content folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}\Chrome\CT3298580 folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}\Chrome folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58} folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\[email protected]\resources\api-utils\lib\event\.svn folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\[email protected]\resources\api-utils\lib\event folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\[email protected]\resources\api-utils\lib folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\[email protected]\resources\api-utils folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\[email protected]\resources folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\[email protected] folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions folder moved successfully.
Folder C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}\ not found.
Folder C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\rzazx41w.default\extensions\[email protected]\ not found.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\extensions\[email protected]\chrome\content folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\extensions\[email protected]\chrome folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\extensions\[email protected] folder moved successfully.
C:\Users\jelli\AppData\Roaming\Mozilla\Firefox\Profiles\w0my9bij.default-1382630008201\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\windows folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\window folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\utils folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\traits folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\tabs folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\system folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\l10n folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\events folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\event folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\dom folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\addon folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\lib folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\data folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\api-utils folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\lib folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\data folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\addon-kit folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\tests folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\lib folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\data folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\a folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\resources folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\.svn folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
Folder C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\ not found.
Folder C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}\ not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmccegemkphdolhcemhdfmbinbhagmcn\1.1_0 folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0 folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\lenicmgjbmpgagkhghjmkikfoljdcbhi\4.0_0 folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\zh_TW folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\zh_CN folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\vi folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\uk folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\tr folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\th folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\sv folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\sr folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\sl folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\sk folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ru folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ro folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\pt_PT folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\pt_BR folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\pl folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\no folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\nl folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\lv folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\lt folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ko folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ja folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\iw folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\it folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\id folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\hu folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\hr folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\hi folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\fr folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\fil folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\fi folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\es_419 folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\es folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\en_GB folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\en folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\el folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\de folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\da folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\cs folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ca folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\bg folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales\ar folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\_locales folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\styles folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\2x folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images\1x folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\images folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 folder moved successfully.
C:\Users\jelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfegheljpcijmdgonkecjpcaopjlpac\1.30.455_0 folder moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{edb8602e-fa77-4d58-ab9f-97ac1f6ee12f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{edb8602e-fa77-4d58-ab9f-97ac1f6ee12f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{edb8602e-fa77-4d58-ab9f-97ac1f6ee12f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{edb8602e-fa77-4d58-ab9f-97ac1f6ee12f}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Conime deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TaskTray deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\cozi\ deleted successfully.
File Protocol\Handler\cozi - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\intu-help-qb6\ deleted successfully.
File Protocol\Handler\intu-help-qb6 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\qbwc\ deleted successfully.
File Protocol\Handler\qbwc - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b7f280f-eebb-11e0-973d-180373781f13}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b7f280f-eebb-11e0-973d-180373781f13}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b7f280f-eebb-11e0-973d-180373781f13}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b7f280f-eebb-11e0-973d-180373781f13}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ba9feed-46c3-11e1-a589-180373781f13}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ba9feed-46c3-11e1-a589-180373781f13}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ba9feed-46c3-11e1-a589-180373781f13}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ba9feed-46c3-11e1-a589-180373781f13}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c940b79-e303-11e0-8ba8-180373781f13}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c940b79-e303-11e0-8ba8-180373781f13}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c940b79-e303-11e0-8ba8-180373781f13}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c940b79-e303-11e0-8ba8-180373781f13}\ not found.
File F:\ToolLauncher-Bootstrap.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e2a1027-7cee-11e1-a796-180373781f13}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e2a1027-7cee-11e1-a796-180373781f13}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e2a1027-7cee-11e1-a796-180373781f13}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e2a1027-7cee-11e1-a796-180373781f13}\ not found.
File F:\ToolLauncher-Bootstrap.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0c76af4-d87c-11e0-a58a-180373781f13}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0c76af4-d87c-11e0-a58a-180373781f13}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0c76af4-d87c-11e0-a58a-180373781f13}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0c76af4-d87c-11e0-a58a-180373781f13}\ not found.
File E:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\LaunchU3.exe not found.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: jelli
->Java cache emptied: 266290 bytes
 
User: Public
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: jelli
->Flash cache emptied: 25263 bytes
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 101433 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: jelli
->Temp folder emptied: 1643352547 bytes
->Temporary Internet Files folder emptied: 260835371 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 217477514 bytes
->Google Chrome cache emptied: 35751743 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20916661 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42304013 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 743 bytes
RecycleBin emptied: 98925878 bytes
 
Total Files Cleaned = 2,212.00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
System Restore Service not available.
 
OTL by OldTimer - Version 3.2.69.0 log created on 11112013_085607

Files\Folders moved on Reboot...
C:\Users\jelli\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\jelli\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

[flashh4]

Jraesdo you have a RKill log for me ?? If not i posted above the instructions !!

 Run it please !

 

Chuck

[flashh4]

Jraes, this program is very powerful, please follow it exactly as per my instructions !!!!!

 

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")


Download ComboFix from this location:

Link 1
 http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Link 2
http://www.infospyware.net/antimalware/combofix


* IMPORTANT !!! Save ComboFix.exe to your Desktop



  * Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

    *  See this Link >>> http://www.bleepingcomputer.com/forums/topic114351.html <<<  for programs that need to be disabled and instruction on how to disable them.
   
    *  Remember to re-enable them when we're done.

    *  Double click on ComboFix.exe & follow the prompts.

    *  As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    *  Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.



**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

 Notes:   

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of  ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4.  CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.   

Give it at least 20-30 minutes to finish if needed.

 Please do not attach the scan results from Combofix. Use copy/paste.   


Post the RKill log first then the Combofix log !!

 

Thanks

Chuck