Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Neighbor's Computer with 686 MBAM & Pop-ups [Solved]

Started by flyboy1565 , Jan 24 2013 09:56 AM

  • This topic is locked This topic is locked

#1
flyboy1565
Posted 24 January 2013 - 09:56 AM

flyboy1565

    Member

  • Member
  • PipPipPip
  • 403 posts
Hi there, got another one of my neighbor's computer. This is getting all kinds of pop-ups. I ran malwarebytes, and it came up with 686 instances of malware. I know that they have UTORRENT, which I already explained to them that I will only help them if I can get ride of it. Let me know what to run next. I will post the OTL, EXTRAS, and MBAM, that I already ran.

OTL logfile created on: 1/23/2013 10:16:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.57 Gb Available Physical Memory | 30.57% Memory free
3.96 Gb Paging File | 2.07 Gb Available in Paging File | 52.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 291.83 Gb Total Space | 107.08 Gb Free Space | 36.69% Space Free | Partition Type: NTFS
Drive D: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.12% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/23 22:14:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2012/11/23 11:43:43 | 000,968,592 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/11/20 20:08:12 | 000,652,128 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2012/11/14 06:58:03 | 002,413,600 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\pcpmngr.exe
PRC - [2012/11/02 04:10:42 | 013,538,584 | ---- | M] (Xportsoft Technologies) -- C:\Program Files\PC Optimizer Pro\PCOptimizerPro.exe
PRC - [2012/10/11 08:43:36 | 000,067,656 | ---- | M] (Simplygen) -- C:\Program Files\Protected Search\ProtectedSearch.exe
PRC - [2012/10/09 20:22:24 | 000,195,216 | ---- | M] (Smart PC Cleaner) -- C:\Program Files\Smart PC Cleaner\SPCSmartScan.exe
PRC - [2012/10/09 20:22:10 | 000,216,208 | ---- | M] (Smart PC Cleaner) -- C:\Program Files\Smart PC Cleaner\SPCReminder.exe
PRC - [2012/09/28 14:42:08 | 000,298,376 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2012/09/28 14:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2012/07/11 14:37:12 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012/06/06 08:16:30 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2012/06/01 15:15:40 | 000,217,200 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
PRC - [2012/05/10 13:11:24 | 001,267,264 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\Fighters\FighterSuiteService.exe
PRC - [2012/05/04 10:58:08 | 001,226,240 | ---- | M] (Inbox.com, Inc.) -- C:\Program Files\RebateInformer\RebateInf.exe
PRC - [2012/04/23 13:07:52 | 000,326,504 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\DriverScanner\driverscanner.exe
PRC - [2012/04/23 13:07:52 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2012/03/20 12:49:09 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Engine\2.0.18.6\ccSvcHst.exe
PRC - [2012/03/20 12:47:32 | 000,123,320 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Engine\2.0.18.6\SymcPCCULaunchSvc.exe
PRC - [2012/02/23 20:20:28 | 007,697,496 | ---- | M] (MicroSmarts LLC.) -- C:\Program Files\SpeedItup Free\speeditupfree.exe
PRC - [2012/02/14 22:18:56 | 000,079,728 | ---- | M] (Driver-Soft Inc.) -- C:\Program Files\Driver-Soft\DriverGenius\StarterW3i.exe
PRC - [2012/02/10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2012/02/10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
PRC - [2012/01/18 17:36:46 | 001,452,680 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\Fighters\Tray\FightersTray.exe
PRC - [2011/04/28 09:14:01 | 000,036,864 | ---- | M] (CouponAlert) -- C:\Program Files\CouponAlert_2p\bar\1.bin\2pbarsvc.exe
PRC - [2011/04/28 09:14:01 | 000,027,648 | ---- | M] (CouponAlert) -- C:\Program Files\CouponAlert_2p\bar\1.bin\2pbrmon.exe
PRC - [2011/04/08 07:17:40 | 000,176,848 | ---- | M] (iWin Inc.) -- C:\Users\user\Jewel Quest Games\iWin Games\iWinTrusted.exe
PRC - [2010/11/02 21:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2010/01/15 04:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2008/10/28 22:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006/11/02 04:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/11/02 01:45:39 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2006/11/02 01:45:34 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
PRC - [2006/11/02 01:45:21 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
PRC - [2006/11/02 01:45:21 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/14 06:58:03 | 002,413,600 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\pcpmngr.exe
MOD - [2012/11/14 06:56:36 | 002,148,896 | ---- | M] () -- c:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\pcpmngr.dll
MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/04/23 13:07:52 | 000,406,888 | ---- | M] () -- C:\Program Files\Uniblue\DriverScanner\locale\en\en.dll
MOD - [2012/04/23 13:07:52 | 000,071,016 | ---- | M] () -- C:\Program Files\Uniblue\DriverScanner\InstallerExtensions.dll
MOD - [2012/04/23 13:07:52 | 000,018,792 | ---- | M] () -- C:\Program Files\Uniblue\DriverScanner\cwebpage.dll
MOD - [2009/10/15 02:23:50 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV - [2012/11/20 20:08:12 | 000,652,128 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012/11/14 06:58:03 | 002,413,600 | ---- | M] () [Auto | Running] -- C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\pcpmngr.exe -- (PC Performer Manager)
SRV - [2012/09/28 14:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/06 08:16:30 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2012/06/01 15:15:40 | 000,217,200 | ---- | M] (SPAMfighter ApS) [On_Demand | Running] -- C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe -- (Common Toolkit Tools)
SRV - [2012/05/10 13:11:24 | 001,267,264 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Program Files\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - [2012/03/20 12:49:09 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.18.6\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2012/03/20 12:47:32 | 000,123,320 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.18.6\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2012/02/10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/04/28 09:14:01 | 000,036,864 | ---- | M] (CouponAlert) [Auto | Running] -- C:\Program Files\CouponAlert_2p\bar\1.bin\2pbarsvc.exe -- (CouponAlert_2pService)
SRV - [2011/04/08 07:17:40 | 000,176,848 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Users\user\Jewel Quest Games\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/11/02 21:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/01/15 04:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/03/18 15:52:32 | 000,020,480 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/04/18 02:01:02 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/09 15:30:14 | 000,065,536 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2005/04/18 10:38:59 | 000,046,680 | R--- | M] (America Online) [On_Demand | Stopped] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011/05/13 02:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/10/01 09:37:42 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 15:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 15:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2010/04/22 17:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 18:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/10/09 21:23:06 | 000,033,792 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btblan.sys -- (LeapFrog-USBLAN)
DRV - [2009/05/13 11:41:02 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2009/05/13 11:41:02 | 000,090,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus)
DRV - [2009/05/13 11:41:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2008/05/08 04:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 04:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/06 20:15:00 | 007,568,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/05/04 01:29:10 | 001,065,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2005/12/12 08:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2003/01/10 13:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026
IE - HKLM\..\URLSearchHook: {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
IE - HKLM\..\SearchScopes\{2CC70DD6-A9A3-4A4E-837B-65604BE5B7B6}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{2F9692BA-B015-45C6-9E34-1076E967AE57}: "URL" = http://search.live.c...#38;FORM=HVDUS7
IE - HKLM\..\SearchScopes\{46247275-B91A-44B5-9D9F-144803602B5F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3196716
IE - HKLM\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebs...r={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsea...B&si=pconverter
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026
IE - HKCU\..\URLSearchHook: {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0000018f3f26cd3
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3196716
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80565&lng=en
IE - HKCU\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.Incre...IAXwR5Objl&i=38
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@CouponAlert_2p.com/Plugin: C:\Program Files\CouponAlert_2p\bar\1.bin\NP2pStub.dll (CouponAlert)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\user\AppData\Roaming\Move Networks\plugins\npqmp071500000347.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TotalRecipeSearch_14.com/Plugin: C:\Program Files\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\user\AppData\Roaming\Move Networks\plugins\npqmp071500000347.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C176060C-6A46-4720-8BD5-23C0958ACE27}: C:\Users\user\AppData\Local\{C176060C-6A46-4720-8BD5-23C0958ACE27} [2010/01/07 17:54:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2pffxtbr@CouponAlert_2p.com: C:\Program Files\CouponAlert_2p\bar\1.bin [2013/01/23 21:49:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin [2013/01/23 21:55:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2011/07/16 19:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2011/07/16 19:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2011/07/16 19:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\14ffxtbr@TotalRecipeSearch_14.com: C:\Program Files\TotalRecipeSearch_14\bar\1.bin [2013/01/23 21:55:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/27 17:46:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin [2013/01/23 21:55:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\user\AppData\Roaming\Move Networks [2009/06/06 08:04:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\user\AppData\Local\ArcadeCandy\[email protected] [2012/07/02 10:33:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{182812ed-1c22-4e1f-9a8d-990282d594da}: C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/11/20 20:10:38 | 000,000,000 | ---D | M]

[2011/04/30 15:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions
[2009/12/24 07:13:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/01/26 09:55:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\extensions
[2012/01/26 09:55:25 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/11/20 20:13:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.459_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpimglhojapikoeeifcifanbeinephdm\2.3.10.3_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb\1.6_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfegheljpcijmdgonkecjpcaopjlpac\1.22.359_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

O1 HOSTS File: ([2010/01/20 21:20:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Incredibar-Games EN Toolbar) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Protected Toolbar) - {61096323-3324-48fb-925b-4206f342e162} - C:\Users\user\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll (Simplytech Ltd.)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Users\user\Jewel Quest Games\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
O2 - BHO: (ArcadeCandy Games) - {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\user\AppData\Local\ArcadeCandy\candyEX.dll (ArcadeCandy LLC)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
O2 - BHO: (A Free Ride Games Bar Toolbar) - {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Incredibar-Games EN Toolbar) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll File not found
O3 - HKLM\..\Toolbar: (Protected Toolbar) - {61096323-3324-48fb-925b-4206f342e162} - C:\Users\user\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (A Free Ride Games Bar Toolbar) - {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Incredibar-Games EN Toolbar) - {238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (VideoDownloadConverter) - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O3 - HKCU\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WiseConvert Toolbar) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (A Free Ride Games Bar Toolbar) - {F92A9FE4-2850-4198-B9D5-279880E49B16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [CouponAlert_2p Browser Plugin Loader] C:\Program Files\CouponAlert_2p\bar\1.bin\2pbrmon.exe (CouponAlert)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [SpeetItUpFree] C:\Program Files\SpeedItup Free\speeditupfree.exe (MicroSmarts LLC.)
O4 - HKLM..\Run: [Starter] C:\Program Files\Driver-Soft\DriverGenius\StarterW3i.exe (Driver-Soft Inc.)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe File not found
O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\Launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [FDPRO-501] C:\Program Files\Fighters\FighterLauncher.exe (SPAMfighter ApS)
O4 - HKCU..\Run: [RebateInformer] C:\Program Files\RebateInformer\RebateInf.exe (Inbox.com, Inc.)
O4 - HKCU..\Run: [Smart PC Cleaner] C:\Program Files\Smart PC Cleaner\SPCLauncher.exe (Smart PC Cleaner)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED [2010/11/24 09:49:06 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: buy-security-essentials.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: download-soft-package.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: download-software-package.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: get-key-se10.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: is-software-download.com ([]http in Trusted sites)
O16 - DPF: {00085C14-0000-0000-0000-000000000000} https://cwscp.sbcis....igInstaller.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D913DF22-085F-461E-9049-97410F6329D3}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found
O18 - Protocol\Handler\rebinfo {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~2\pcperf~1\25912~1.8\{16cdf~1\pcpmngr.dll satulosu.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/09 13:16:52 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1a2154f5-139e-11df-acf4-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{1a2154f5-139e-11df-acf4-00038a000015}\Shell\AutoRun\command - "" = L:\NPSAI.exe
O33 - MountPoints2\{48fceae9-f01c-11dc-9c31-0018f3f26cd3}\Shell - "" = AutoRun
O33 - MountPoints2\{48fceae9-f01c-11dc-9c31-0018f3f26cd3}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk /p \??\K:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/23 22:14:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2013/01/23 22:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013/01/22 21:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/22 21:16:01 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/01/22 21:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/02/29 09:44:09 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/23 22:14:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2013/01/23 22:03:03 | 000,671,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/23 22:03:03 | 000,124,520 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/23 22:01:23 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/23 22:01:11 | 000,000,032 | ---- | M] () -- C:\ProgramData\ftstate.ini
[2013/01/23 22:01:04 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2013/01/23 22:00:57 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/23 22:00:34 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2013/01/23 21:55:38 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/23 21:55:37 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/23 21:55:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/23 21:42:25 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3573830000-260418385-2138264800-1000UA.job
[2013/01/23 20:13:02 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2013/01/23 20:00:04 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\CandyUpdater.job
[2013/01/23 16:47:30 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BA83A949-3E47-42DA-A9E5-9C3DE16332D1}.job
[2013/01/23 15:56:16 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2013/01/23 15:42:03 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3573830000-260418385-2138264800-1000Core.job
[2013/01/23 15:01:44 | 000,000,262 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2013/01/23 06:58:10 | 000,001,957 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/22 14:23:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for user.job
[2013/01/22 11:00:11 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Scan.job
[2013/01/21 20:00:00 | 000,000,662 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - user.job
[2013/01/12 22:58:56 | 000,000,556 | ---- | M] () -- C:\Windows\System32\MyDefrag.debuglog
[2013/01/11 03:22:36 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job
[2012/12/26 21:24:28 | 000,000,761 | ---- | M] () -- C:\Users\Public\Desktop\Play Pirate101.lnk
[2012/12/26 18:34:57 | 000,000,755 | ---- | M] () -- C:\Users\user\Desktop\Play Wizard101.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\Windows\System32\mobagudo
[2013/01/12 22:58:56 | 000,000,556 | ---- | C] () -- C:\Windows\System32\MyDefrag.debuglog
[2012/12/26 21:24:28 | 000,000,761 | ---- | C] () -- C:\Users\Public\Desktop\Play Pirate101.lnk
[2012/12/26 18:34:57 | 000,000,755 | ---- | C] () -- C:\Users\user\Desktop\Play Wizard101.lnk
[2012/12/03 16:53:59 | 000,000,032 | ---- | C] () -- C:\ProgramData\ftstate.ini
[2012/11/02 18:14:11 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012/07/02 16:15:12 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/05/01 20:03:13 | 000,000,552 | ---- | C] () -- C:\Users\user\AppData\Local\d3d8caps.dat
[2011/07/16 19:08:11 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/07/16 19:08:11 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/02/10 13:51:27 | 000,000,013 | ---- | C] () -- C:\Users\user\cvdm.err
[2010/04/20 15:17:45 | 000,000,632 | RHS- | C] () -- C:\Users\user\ntuser.pol
[2010/02/18 22:07:39 | 000,000,008 | ---- | C] () -- C:\Users\user\AppData\Roaming\wpp.exe
[2010/01/07 17:54:50 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\Vkone.bin
[2010/01/07 17:54:48 | 000,000,120 | ---- | C] () -- C:\Users\user\AppData\Local\Btidejo.dat
[2009/12/01 09:42:41 | 000,027,150 | ---- | C] () -- C:\Users\user\AppData\Local\slot1.mm1
[2009/01/03 16:55:42 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\7340f9db2b8cbd45
[2009/01/03 16:55:37 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\c7a25efb5811a9ca
[2009/01/03 16:55:17 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\31554495acb84a74
[2009/01/03 16:54:17 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\aaed748a2b0c0a67
[2009/01/03 16:54:12 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\e0ec521d7ed9069a
[2008/12/26 15:31:55 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\c673d89093f6c494
[2008/12/26 15:23:04 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\2bb753373a9cc2a7
[2008/12/26 15:19:34 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\1e8607d712983b24
[2008/12/26 15:19:19 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\f927f14863fcf804
[2008/12/26 15:12:13 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\35c1a60090c47e0e
[2008/12/26 15:12:08 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\198881056b266b47
[2008/12/23 17:30:38 | 000,000,165 | ---- | C] () -- C:\ProgramData\service.dat
[2008/08/26 00:03:01 | 000,007,268 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2007/04/23 09:45:14 | 000,000,092 | ---- | C] () -- C:\Users\user\AppData\Local\fusioncache.dat
[2007/03/05 12:29:22 | 000,005,678 | ---- | C] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2007/02/04 14:34:58 | 000,016,384 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/11/06 04:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/02 20:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 01:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:09CD1DC6
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:F878F14A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:4790A691
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:FEB4D048
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2530BFBE
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:F5D81BA1
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:F1020F9B
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:EF84937D
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E6B3E318
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8396B0AE
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0E1DD4C5
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:F49E02D5
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:8DF2258A
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:501DF0E0
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:08390D61
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:FE49EF15
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:EBDA021F
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C76BA037
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:9A1A77DD
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:665C0715
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:407F3936
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:22910851
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0C889ACE
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:F24AD862
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:C72A744C
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:8B09E09D
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:678F890D
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:5E86F333
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:C5CE2DF6
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:AE531EFF
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9F47F32C
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:75A5CED2
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:6C1FEFDE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:3BA734DE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:07F6D9E4
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:F5B3D15A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:E7730732
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:C92A6B45
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:7434FA5A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:093F44E8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:6F6F26B0
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:685F5579
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:679E30C6
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:F662888F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A46FE1DB
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:933604B8
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:B29E86D2
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:985F2B95
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:8164A00A
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:7CC16245
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:6348AC97
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:DB2BB17F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:ACE7A9BB
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:76C56CCB
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:51EFAA18
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:E8382F78
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:E21D3CA0
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:7BB47057
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:5BEA5951
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:15606AA7
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:07A0D262
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:A93A1878
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:CBB4BFCD
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:94124B85
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:1C23B857
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E3BD4B99
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:D2A5A561
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:3FA3A49D
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:335F49EA
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:172B8774
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0E22C5DB
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:C81971AB
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:8B4640AA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FEB8979F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:EF258AD5
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:40464012
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8B2A48B2
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8459971E
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:4F31D675
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:298B8F0F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:20D4F98B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:15B5F596
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:DADCBB58
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:A18D1A5B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:53B5A0D5
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:52C5F022
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:33C6377A
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:2540E96D
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B35A4CE2
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:9BAFBDA0
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:245D8023
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:243034F9
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:148B621E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:F71B881A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:0407674B
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:66C6A515
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:4D3521E6
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:16D21E17
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0E544CF5
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:6A37FCC3
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3D4041D5
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3D2D7F22
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C3CB23B4
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:AED4FFF5
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:68684FAE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:0E660858
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:F0CAA752
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:E5DE9C8F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6A46CD9E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0F83FB96
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:06E98522
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D29B16C5
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:AA199F0F
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:5064C5F0
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4A3B96F5
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:C62F5141
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:9EBA3797
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:3318EE32
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F6A0889A
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:CFF654D3
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:7FC2B38E
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:E98B604F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:7FD199E4
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:4C801DF0
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:3BB3AE6B
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2E426A1F
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:FE53E4F7
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:3BCA993F
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:1E93E0ED
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:F6C0CA66
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D387C245
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:4A0829E0

< End of report >
  • 0

Advertisements

#2
flyboy1565
Posted 24 January 2013 - 09:57 AM

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
Tip: click inside this box to load the editorOTL Extras logfile created on: 1/23/2013 10:16:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.57 Gb Available Physical Memory | 30.57% Memory free
3.96 Gb Paging File | 2.07 Gb Available in Paging File | 52.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 291.83 Gb Total Space | 107.08 Gb Free Space | 36.69% Space Free | Partition Type: NTFS
Drive D: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.12% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
"DisableConfig" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D51FD74-8BEC-45EA-89D9-93125F163743}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0D9C24DF-4408-4029-A02B-560E20ECC0AE}" = lport=138 | protocol=17 | dir=in | app=system |
"{1560F03F-E179-4447-B42A-26480BD6259F}" = rport=445 | protocol=6 | dir=out | app=system |
"{26FAF1F2-32CB-4183-B293-1D8D8C678D54}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5105A139-F71C-4428-9AD4-8C0BD754F307}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5B4E4D5F-EA87-4B67-B9AE-35400709879E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{630D20BC-C94E-4943-9AB4-C586FF5FD7EE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{76E42A8F-DB3E-4357-A96B-9A489AAD98DA}" = lport=139 | protocol=6 | dir=in | app=system |
"{873DD918-8685-49F6-9EB4-5ACAC0917948}" = lport=137 | protocol=17 | dir=in | app=system |
"{9E1503C5-D64C-49E2-B09D-C5196235E023}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A9AF3B80-83EC-4BEC-96C9-5BA415EE8930}" = rport=138 | protocol=17 | dir=out | app=system |
"{BA0162C3-FBFF-4B2B-B03C-52E097E33B8D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CC379EDD-518F-4BFF-9BC4-6231E9EBD639}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D403AC72-9F8D-4565-AF39-F9023F11CC30}" = rport=139 | protocol=6 | dir=out | app=system |
"{D54601EA-32AA-4A2E-8ADF-DD46E36C1CE4}" = lport=445 | protocol=6 | dir=in | app=system |
"{FFF8EC39-60CD-4C33-B80D-C109B0485FC0}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079938E8-88D8-46C7-B2C7-66BC77F1DA35}" = protocol=17 | dir=in | app=c:\windows\system32\wininit.exe |
"{08684926-F2AE-4FEE-B65F-771529A63F6D}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{093B4370-F944-4672-B938-FF88C9781894}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{0A5F71D5-1A7D-4DB6-9D68-4D669283F03B}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{0C1A225E-42CF-4255-B64F-B8D83F7FE41E}" = protocol=6 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"{0F42E678-0BD8-4B9F-B4E8-A9081691172C}" = protocol=17 | dir=in | app=c:\windows\system32\logonui.exe |
"{10BC6A0A-EC75-428D-96D1-AC9F2BF061AA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{12541CA4-D674-41E3-827D-AB7603E039C1}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{137A1183-3CD8-47BB-8FC8-6001DA14E0F0}" = protocol=6 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{1700187D-13AC-4B68-B81F-E4633EAAA818}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{1F98F1BC-7AC4-4377-91A8-62F6D789F7C0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{20EF9FC2-4EEC-4292-A502-C778A3CC832E}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{2A7B273F-D551-4C14-87E6-50020F8AEC1B}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{2AE3DB93-5024-4939-9A4D-358855804731}" = protocol=17 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{2B1829F9-8E15-469B-A688-F25871BB3DB0}" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"{2BEB4447-DB9B-45E1-A7ED-0B340739614B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2CE0FE3F-4EEA-4B49-A86E-8FCEFED7B128}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{313EAFA5-144B-4BBF-A84E-295579F09CBB}" = protocol=6 | dir=in | app=c:\windows\system32\winlogon.exe |
"{313ECD76-215F-4F6A-8BED-76393709625C}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{34D018EF-97C6-4F63-A809-2F545F09E531}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{3678EAB4-3BE7-4227-B779-E62717A3F89E}" = protocol=6 | dir=in | app=c:\windows\system32\dwm.exe |
"{3C6DB025-AB67-4723-83F0-BBC9E4EE241E}" = protocol=17 | dir=in | app=c:\windows\system32\smss32.exe |
"{3E0ED1B5-1EE4-436C-BEBC-C7FAC6CEB50F}" = protocol=6 | dir=in | app=c:\users\user\jewel quest games\iwin games\iwingames.exe |
"{42130A3D-A368-4FA5-B34C-A0E3FD1CDD48}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{47B278CB-7631-446E-BCE4-82A14759BC76}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{47D2B27D-5A9D-4410-9C84-05C66A0CE1F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{499513D0-142D-4AD1-A270-30A4DF4E8087}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{4B1C24FB-413F-446A-B626-57A377735F21}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5162294C-037B-410D-A6A9-0D8955F50E51}" = protocol=17 | dir=in | app=c:\windows\system32\logonui.exe |
"{52E833D4-3146-4716-B45D-9590BC90474A}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{56A1AFB9-F73D-4228-908C-F2E4C407344D}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{582C4B95-8D56-454E-A86D-16E12DBB25C2}" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"{5E870FC6-1779-4EB5-ABD3-B3D379045D09}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{5F4201BC-C884-430F-9444-D0F348EC7F61}" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"{61EF45AF-5904-43E4-8C9E-C1B5A9944D79}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{6722377F-3E53-4845-A436-70F673D96A35}" = protocol=17 | dir=in | app=c:\windows\system32\winlogon.exe |
"{6855C13A-4852-4352-85F1-AC1B765E6B39}" = protocol=6 | dir=in | app=c:\windows\system32\wininit.exe |
"{68FB0268-8629-4640-9EB3-9312A63A7086}" = protocol=1 | dir=out | [email protected],-28544 |
"{6C2D4C97-891A-41BE-A27D-2A0357A1BE69}" = protocol=6 | dir=in | app=c:\windows\system32\wininit.exe |
"{702DCC06-E95C-4132-87FE-4DD927C7756E}" = dir=in | app=c:\program files\hp connections\6811507\program\hp connections |
"{71B4EAD8-92AF-4B98-AC0F-BAE1855E42DD}" = protocol=58 | dir=in | [email protected],-28545 |
"{74DA8841-C709-4FD1-8BB6-9E22359E2F60}" = protocol=17 | dir=in | app=c:\users\user\jewel quest games\iwin games\webupdater.exe |
"{78A3E7FF-7394-43E0-B927-9D2E26F971BE}" = protocol=17 | dir=in | app=c:\windows\system32\dwm.exe |
"{7B89930C-B89D-4FB9-BF55-4AB85C3CC282}" = protocol=6 | dir=in | app=c:\users\user\jewel quest games\iwin games\webupdater.exe |
"{7C29836C-49EB-4C31-98BC-A141DE5D0F1A}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{7CD42D0A-C664-4F6D-85DA-8B9710B425F9}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{801C7DD0-4023-4419-A9CB-F47DE5780511}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{814D17F0-54DA-470B-8658-B2128F521DEF}" = dir=in | app=c:\users\user\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{84CA15BD-5E2B-4358-906B-29080752C6DE}" = protocol=58 | dir=out | [email protected],-28546 |
"{85D320BB-A2DB-4C05-8E91-A86F6E3355E9}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{86168911-633E-44A5-9937-520B2C99DFDE}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{897A68DA-FF52-479E-87BE-D69E296F9D37}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{8BCF85EA-73A2-4D5F-82FA-746087CAFFC2}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{8E80BF65-23A6-49C2-9B80-AC978720A26D}" = dir=in | app=c:\program files\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{90D3DD46-AFBC-43DA-AC63-CBE26B204029}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{94AEC4ED-ABD7-48FA-992D-57896F65854D}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{95027967-314D-405D-BF12-63C4EBD5611B}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{97C531F9-992D-4D0B-8346-83F5EC05FF2B}" = protocol=17 | dir=in | app=c:\users\user\jewel quest games\iwin games\iwingames.exe |
"{98235899-E80B-48EA-A904-77979C706C57}" = protocol=17 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"{995A0B37-31B1-4127-8A0A-EBC7B9215042}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{99D78CAA-43E3-4BFA-BBF6-68D8F1300A07}" = protocol=6 | dir=in | app=c:\windows\system32\winlogon.exe |
"{9E84763C-72E3-4867-96FB-6747639B3963}" = protocol=6 | dir=in | app=c:\windows\system32\smss32.exe |
"{9EA58F0A-2BB7-472A-A59E-A9590A57D17F}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{9F45759E-EA14-4370-8539-D6614D11C3D2}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{A44B80BE-83CB-471D-B91F-757AD839DE23}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A6771576-1910-4B92-9788-87FB9B75CC00}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A9694D7E-15DC-4F8A-A5C7-11F70E9BC608}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{AD029DED-3A5A-4A72-8B44-18D6C19E6FB5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{B0A3304E-F2C2-4AE4-8CF1-7CF89E31D24A}" = protocol=1 | dir=in | [email protected],-28543 |
"{B59C946F-CD00-4EFE-8DB0-07F7AA0890DA}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{B600A2C2-1522-47E3-A71E-826403B1C30D}" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"{B7969ADB-4F3E-4FAE-ACE6-620E2E0F54A4}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{B8EDF91D-27D1-474D-9177-9FA812EBC7AF}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{B90028A4-F9D3-431F-A81C-575BDE4BB10E}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{BE0A8C03-54DF-4540-A0DE-C4366AFE5F65}" = protocol=6 | dir=in | app=c:\windows\system32\logonui.exe |
"{C67ACB81-09DE-469E-B8FD-BE8C3AC03F50}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{C72F095B-A9D4-45B2-9E7A-263D538A46A0}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{CF1433D1-3722-4FF7-BB95-EF1BF0B1901F}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{D237F071-1EC0-4E9B-9CBB-550112D7723E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D251D8A5-DC4B-4045-B50B-FA996A006FAC}" = protocol=6 | dir=in | app=c:\windows\system32\logonui.exe |
"{D50DE60C-6D9F-47A4-8F4A-6B450B757183}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{D624A49A-E8EE-41BE-9B52-6B57FEA088C8}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{D952FFCE-7658-4D42-B4C5-45462B9DEF91}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DC88D908-EC22-4599-BEA9-F1FDACC91B46}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{E08DE599-6B83-45BA-BE78-C621AFC696AF}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{E91BE41F-595D-4791-BD79-72CADF882DF8}" = protocol=17 | dir=in | app=c:\windows\system32\wininit.exe |
"{EBA49F21-E1F7-4A4C-8DDA-8413870522B2}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{EC5A7373-E678-41D2-B132-E00347497A4B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F0834CFB-7EFD-4E04-AB96-836C5927F41E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F7A30AB5-7636-4976-BC4C-AC727FD15622}" = protocol=17 | dir=in | app=c:\windows\system32\winlogon.exe |
"{FD689607-BDAE-4776-B778-CDF584AEEE29}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FDCB53D6-796B-4CAE-8C3E-9FD23EF982B0}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"TCP Query User{00011573-6898-4BF8-94D8-A665F12D4D55}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2011 11.0.1.400\english\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2011 11.0.1.400\english\setup.exe |
"TCP Query User{0E7BA1F7-C730-4A34-B846-C3055425471E}C:\programdata\kingsisle entertainment\pirate101\bin\pirate.exe" = protocol=6 | dir=in | app=c:\programdata\kingsisle entertainment\pirate101\bin\pirate.exe |
"TCP Query User{335938FC-6CE6-40E9-A4BA-54255E7EDB3E}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{4482040D-2475-4091-9295-ECA0E31D5901}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{4DDDADA6-3A6C-4A62-92C5-B74FB822D66D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{53B9846F-52D3-4350-88E0-265EEB13D7B3}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{54027963-7124-4B0E-AB58-B73B7B1D437F}C:\program files\gps\pcgps.exe" = protocol=6 | dir=in | app=c:\program files\gps\pcgps.exe |
"TCP Query User{64198288-3C71-4D0B-8D58-1ACA62CB89EA}C:\program files\hp games\jeopardy\jeopardy!.exe" = protocol=6 | dir=in | app=c:\program files\hp games\jeopardy\jeopardy!.exe |
"TCP Query User{667B4F37-06E0-40D0-8768-203FDBA391A3}C:\program files\hp games\rock & roll jeopardy\rock & roll jeopardy!.exe" = protocol=6 | dir=in | app=c:\program files\hp games\rock & roll jeopardy\rock & roll jeopardy!.exe |
"TCP Query User{6687863D-ADB6-49B5-AC92-520609540B09}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{73FE4FD2-8A2B-4D00-BDCE-E75D883EDC8A}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=6 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"TCP Query User{795A9DC1-D97A-432C-B8C5-EF4C52229755}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{9FD01190-6900-4B86-8BF2-B58535365EEE}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{03C88F3E-E2BA-4851-BBE7-A4FEEB8AE121}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{1AA05992-146F-4FFD-B2FB-D21A06BE70C5}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=17 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"UDP Query User{1D6FEBE5-A733-402B-B382-0AB6D9B9A1C3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{41A94CAE-7C2E-4C30-8B86-5FC5722E6C92}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{73FCC7E2-AF0E-48F4-865A-F5DAD9FB4CFB}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2011 11.0.1.400\english\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2011 11.0.1.400\english\setup.exe |
"UDP Query User{8BC3AEE6-CA19-45B1-A861-6A50325C5789}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{8FD0056C-0F26-4D8D-8553-C6E4CF0BCD36}C:\program files\hp games\jeopardy\jeopardy!.exe" = protocol=17 | dir=in | app=c:\program files\hp games\jeopardy\jeopardy!.exe |
"UDP Query User{AC568023-3F52-49CC-AB1B-D9BC53425F10}C:\program files\gps\pcgps.exe" = protocol=17 | dir=in | app=c:\program files\gps\pcgps.exe |
"UDP Query User{BAFBA9E9-2F0D-42EB-AC41-D0646417AAAE}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{CAB864A2-0102-49C3-9FF6-25F6009797A4}C:\programdata\kingsisle entertainment\pirate101\bin\pirate.exe" = protocol=17 | dir=in | app=c:\programdata\kingsisle entertainment\pirate101\bin\pirate.exe |
"UDP Query User{DBD58FD8-646D-40C5-AB73-DBE01F996C6A}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{F3667ACD-EDB4-42C2-AB84-D27A870731A0}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{F4DECC39-B252-4A70-B656-77B306DF8DFA}C:\program files\hp games\rock & roll jeopardy\rock & roll jeopardy!.exe" = protocol=17 | dir=in | app=c:\program files\hp games\rock & roll jeopardy\rock & roll jeopardy!.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0373779B-A362-4B2E-B8E9-7442F19F9394}" = HP Total Care Advisor
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06C84AD5-A13A-43CC-B20C-D1D5E7BA2658}" = LeapFrog Leapster Explorer Plugin
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = PC Performer Manager
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2243C6DC-39EA-4D5E-B743-3AE510A91B3A}" = WeatherBug
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{27FA210E-9F51-4E63-9C88-BAC9CC71A75A}" = RegDef2010
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.459
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1" = RebateInformer
"{55584E16-4D70-44EE-93DD-F144E8B7D4B7}" = QuickBooks Product Listing Service
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65993388-B4F1-4C8D-9DD2-ADE9814529AA}" = SpongeBob SquarePants - The Movie EXCLUSIVE DEMO
"{662140BE-138C-4DC1-B4CD-B62C6C855A25}" = Pirate101
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1" = AppGraffiti
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142150}" = Java 2 Runtime Environment, SE v1.4.2_15
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E545666-F422-45FD-B3DF-C0B99A1A579F}" = QuickBooks Pro 2007
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116758403}" = Dream Day Wedding Viva Las Vegas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116893980}" = Paradise Quest
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92B0DD85-4CAC-4F7D-96A6-5D6FAAFC942D}" = Worlds Best Mahjongg Games
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9F4ECB4A-AFD9-4E9F-8DF2-1E339AF8F2CF}" = ASPCA Tri Reminder by We-Care.com v4.0.7.5
"{A3CC1CC5-630B-4E60-A29A-C7A79B2226E4}_is1" = Ares 3.0.7.7075
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B83A15A7-2BD5-4416-BC43-AF5F9A4B08A9}" = muvee autoProducer 5.0
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C3DC29BC-A8CF-4578-9DFC-37F049C44771}" = OcxSetup
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{caf5d8dc-4651-441d-8b84-262f224eea3f}_is1" = Protected Toolbar 1.6
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B0C7EC-A61C-4180-8FAD-32624F67952D}" = FULL-DISKfighter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9233F02-5617-4BDC-8EC6-4B798EDFE6F4}" = LeapFrog Connect
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1001 Nights: The Adventures of Sindbad" = 1001 Nights: The Adventures of Sindbad (remove only)
"3DGroove" = 3D Groove Playback Engine
"4 Elements" = 4 Elements (remove only)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"A_Free_Ride_Games_Bar Toolbar" = A Free Ride Games Bar Toolbar
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Registry Optimizer_is1" = Advanced Registry Optimizer
"Age of Oracles: Tara's Journey" = Age of Oracles: Tara's Journey (remove only)
"Amazonia_is1" = Amazonia
"am-chickeninvaders4ultimateomelette" = Chicken Invaders 4 - Ultimate Omelette
"American Pickers: The Road Less Traveled" = American Pickers: The Road Less Traveled
"am-reeldealepicslotsrockhero" = Reel Deal Epic Slots - Rock Hero
"Antique Road Trip 2: Homecoming" = Antique Road Trip 2: Homecoming (remove only)
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Are You Smarter Than A 5th Grader" = Are You Smarter Than A 5th Grader (remove only)
"Around the World in 80 Days" = Around the World in 80 Days (remove only)
"Avalon Legends Solitaire" = Avalon Legends Solitaire (remove only)
"AVS Audio Converter 5.1_is1" = AVS Audio Converter version 5.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"BabylonToolbar" = Babylon toolbar
"Babysitting Mania" = Babysitting Mania (remove only)
"Banana Bugs" = Banana Bugs
"BearShare MediaBar" = MediaBar 2.0
"Bejeweled 3" = Bejeweled 3
"Bejeweled Twist" = Bejeweled Twist
"BFG-1912 - Titanic Mystery" = 1912: Titanic Mystery
"BFGC" = Big Fish Games: Game Manager
"BFG-Chicken Invaders 2" = Chicken Invaders 2
"BFG-Chicken Invaders 3" = Chicken Invaders 3
"BFG-Chicken Invaders 3 Christmas Edition" = Chicken Invaders 3 Christmas Edition
"BFG-Daycare Nightmare" = Daycare Nightmare
"BFG-Diner Dash - Hometown Hero" = Diner Dash: Hometown Hero
"BFG-Diner Dash 5 - Boom Collectors Edition" = Diner Dash 5: Boom Collector's Edition
"BFG-Elizabeth Find M.D. - Diagnosis Mystery, Season 2" = Elizabeth Find M.D.: Diagnosis Mystery, Season 2
"BFG-Feeding Frenzy 2 Shipwreck Showdown" = Feeding Frenzy 2 Shipwreck Showdown
"BFG-Fish Tycoon" = Fish Tycoon
"BFG-Gardenscapes" = Gardenscapes
"BFG-Hide and Secret - The Lost World" = Hide and Secret: The Lost World
"BFG-Zoo Vet" = Zoo Vet
"Call of Atlantis" = Call of Atlantis (remove only)
"Chuzzle Christmas Edition" = Chuzzle Christmas Edition (remove only)
"Chuzzle Deluxe" = Chuzzle Deluxe
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"Cooking Dash" = Cooking Dash (remove only)
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"CouponAlert_2pbar Uninstall" = Coupon Alert
"Dark Heritage: Guardians of Hope Collector's Edition" = Dark Heritage: Guardians of Hope Collector's Edition
"Dark Parables: Curse of Briar Rose" = Dark Parables: Curse of Briar Rose (remove only)
"Daycare Nightmare" = Daycare Nightmare (remove only)
"Deep Voyage" = Deep Voyage (remove only)
"Diner Dash Hometown Hero" = Diner Dash Hometown Hero (remove only)
"Diner Dash: Flo Through Time" = Diner Dash: Flo Through Time (remove only)
"DownTown Secrets" = DownTown Secrets (remove only)
"Dragon Keeper" = Dragon Keeper (remove only)
"Dream Cars" = Dream Cars (remove only)
"Dream Day Wedding Getaways Bundle" = Dream Day Wedding Getaways Bundle (remove only)
"Dream Day Wedding: Viva Las Vegas" = Dream Day Wedding: Viva Las Vegas (remove only)
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"Dynomite Deluxe" = Dynomite Deluxe
"Empress of the Deep 2: Song of the Blue Whale" = Empress of the Deep 2: Song of the Blue Whale (remove only)
"Empress of the Deep 2: Song of the Blue Whale Collector's Edition" = Empress of the Deep 2: Song of the Blue Whale Collector's Edition (remove only)
"Epic Slots: Raiders of the Lost Tomb" = Epic Slots: Raiders of the Lost Tomb (remove only)
"Escape from Lost Island" = Escape from Lost Island (remove only)
"Escape Rosecliff Island" = Escape Rosecliff Island
"Escape the Emerald Star" = Escape The Emerald Star
"Escape Whisper Valley" = Escape Whisper Valley
"ExpressBurn" = Express Burn
"Farm Frenzy" = Farm Frenzy (remove only)
"Farm Frenzy 2" = Farm Frenzy 2 (remove only)
"Farm Frenzy 3" = Farm Frenzy 3 (remove only)
"Farm Frenzy 3: American Pie" = Farm Frenzy 3: American Pie (remove only)
"Farm Frenzy: Gone Fishing!" = Farm Frenzy: Gone Fishing! (remove only)
"Farm Frenzy: Pizza Party" = Farm Frenzy: Pizza Party (remove only)
"Farm Mania 2" = Farm Mania 2 (remove only)
"Feeding Frenzy 2 Deluxe 1.0" = Feeding Frenzy 2 Deluxe 1.0
"Feeding Frenzy Deluxe 5.7.18.1" = Feeding Frenzy Deluxe 5.7.18.1
"Fishdom" = Fishdom (remove only)
"Fishdom 2" = Fishdom 2 (remove only)
"Fishdom H2O: Hidden Odyssey" = Fishdom H2O: Hidden Odyssey (remove only)
"Fishdom: Frosty Splash" = Fishdom: Frosty Splash (remove only)
"Fishdom: Spooky Splash" = Fishdom: Spooky Splash (remove only)
"Forgotten Places: Lost Circus" = Forgotten Places: Lost Circus (remove only)
"FULL-DISKfighter" = FULL-DISKfighter
"Ghost Encounters: Deadwood" = Ghost Encounters: Deadwood (remove only)
"Ghost Town Mysteries: Bodie" = Ghost Town Mysteries: Bodie (remove only)
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Maps With GPS Tracker 33.0_is1" = 33.0
"Graboid Video" = Graboid Video 3.11
"Hidden in Time: Looking Glass Lane" = Hidden in Time: Looking Glass Lane (remove only)
"Hidden Magic" = Hidden Magic (remove only)
"Hidden Mysteries: Return to Titanic" = Hidden Mysteries: Return to Titanic
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotel Dash 2: Lost Luxuries" = Hotel Dash 2: Lost Luxuries (remove only)
"HPOOVClient-6811507 Uninstaller" = HP Connections (remove only)
"Iggle Pop Deluxe 1.0" = Iggle Pop Deluxe 1.0
"iMesh" = iMesh
"iMesh MediaBar" = MediaBar 2.0
"Immortal Lovers" = Immortal Lovers (remove only)
"Incredibar-Games_EN Toolbar" = Incredibar-Games EN Toolbar
"Insaniquarium Deluxe 1.1" = Insaniquarium Deluxe 1.1
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"InterActual Player" = InterActual Player
"It's All About Masks" = It's All About Masks (remove only)
"iWinArcade" = iWin Games (remove only)
"Jane's Zoo" = Jane's Zoo
"Jewel Quest" = Jewel Quest (remove only)
"Jewel Quest 2" = Jewel Quest 2 (remove only)
"Jewel Quest III" = Jewel Quest III (remove only)
"Jewel Quest Mysteries 2 Trail of the Midnight Heart" = Jewel Quest Mysteries 2 Trail of the Midnight Heart (remove only)
"Jewel Quest Mysteries: Curse of the Emerald Tear" = Jewel Quest Mysteries: Curse of the Emerald Tear (remove only)
"Jewel Quest Mysteries: The Oracle of Ur" = Jewel Quest Mysteries: The Oracle of Ur
"Jewel Quest Mysteries: The Oracle of Ur - Collector's Edition" = Jewel Quest Mysteries: The Oracle of Ur - Collector's Edition (remove only)
"Jewel Quest Mysteries: The Seventh Gate" = Jewel Quest Mysteries: The Seventh Gate (remove only)
"Jewel Quest Mysteries: The Seventh Gate Collector's Edition" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition (remove only)
"Jewel Quest Solitaire" = Jewel Quest Solitaire (remove only)
"Jewel Quest Solitaire II" = Jewel Quest Solitaire II (remove only)
"Jewel Quest: The Sapphire Dragon -- Collector's Edition" = Jewel Quest: The Sapphire Dragon -- Collector's Edition (remove only)
"Jewel Quest: The Sleepless Star" = Jewel Quest: The Sleepless Star
"Jewelry Secret: Mystery Stones" = Jewelry Secret: Mystery Stones (remove only)
"Journey of Hope" = Journey of Hope (remove only)
"Lamp of Aladdin" = Lamp of Aladdin (remove only)
"LeapsterExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
"Letters from Nowhere" = Letters from Nowhere (remove only)
"Little Shop: Memories" = Little Shop: Memories (remove only)
"Living Legends: Ice Rose" = Living Legends: Ice Rose
"Love Chronicles: The Spell" = Love Chronicles: The Spell (remove only)
"Love Chronicles: The Sword and the Rose" = Love Chronicles: The Sword and the Rose (remove only)
"Luxor 2" = Luxor 2 (remove only)
"Luxor Mahjong" = Luxor Mahjong
"Macabre Mysteries: Curse of the Nightingale" = Macabre Mysteries: Curse of the Nightingale (remove only)
"Mah Jong Quest" = Mah Jong Quest (remove only)
"Mah Jong Quest II" = Mah Jong Quest II (remove only)
"Mah Jong Quest III" = Mah Jong Quest III (remove only)
"Mahjong Escape: Ancient China 1.0.0.5" = Mahjong Escape: Ancient China 1.0.0.5
"Mahjong Tales - Ancient Wisdom" = Mahjong Tales - Ancient Wisdom (remove only)
"Mahjongg Artifacts2" = Mahjongg Artifacts2 (remove only)
"Mahjongg Dimensions Deluxe 2" = Mahjongg Dimensions Deluxe 2 (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MixPad" = MixPad
"Mixxx" = NSIS Mixxx
"MSNINST" = MSN
"Murder Mystery -- Who Killed Linda Neuman" = Murder Mystery -- Who Killed Linda Neuman (remove only)
"Mysterious City: Cairo" = Mysterious City: Cairo (remove only)
"Mysterious City: Vegas" = Mysterious City: Vegas (remove only)
"Mystery Case Files: Dire Grove Collector's Edition" = Mystery Case Files: Dire Grove Collector's Edition (remove only)
"Mystery Legends: Sleepy Hollow" = Mystery Legends: Sleepy Hollow (remove only)
"Mystery Novel" = Mystery Novel (remove only)
"Mystery of Mortlake Mansion" = Mystery of Mortlake Mansion (remove only)
"Mystery of the Ancients: Lockwood Manor" = Mystery of the Ancients: Lockwood Manor (remove only)
"Mystery of Unicorn Castle" = Mystery of Unicorn Castle (remove only)
"Mystery P.I. - Lost in Los Angeles" = Mystery P.I. - Lost in Los Angeles
"Mystery P.I. - Stolen in San Francisco" = Mystery P.I. - Stolen in San Francisco
"Mystery P.I. - The London Caper" = Mystery P.I. - The London Caper
"Mystery P.I. - The Vegas Heist" = Mystery P.I. - The Vegas Heist
"Mystery P.I. The Curious Case of Counterfeit Cove" = Mystery P.I. The Curious Case of Counterfeit Cove (remove only)
"Namco All-Stars -- Pac-Man" = Namco All-Stars -- Pac-Man (remove only)
"Nightmares from the Deep: The Cursed Heart" = Nightmares from the Deep: The Cursed Heart
"NortonPCCheckup" = Norton PC Checkup
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Odysseus -- The Long Way Home" = Odysseus -- The Long Way Home (remove only)
"Orchard" = Orchard (remove only)
"Our Worst Fears: Stained Skin" = Our Worst Fears: Stained Skin
"PC Optimizer Pro" = PC Optimizer Pro
"PC Performer_is1" = PC Performer
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Pet Shop Hop" = Pet Shop Hop (remove only)
"Pet Show Craze" = Pet Show Craze (remove only)
"Pirateville" = Pirateville (remove only)
"Plants vs. Zombies" = Plants vs. Zombies
"Playsushi" = PlaySushi
"Protected Search_is1" = Protected Search 1.1
"Real Crimes: Jack the Ripper" = Real Crimes: Jack the Ripper (remove only)
"Real Detectives: Murder in Miami" = Real Detectives: Murder in Miami (remove only)
"RealArcade 1.2" = RealArcade
"Rise of Atlantis" = Rise of Atlantis (remove only)
"Robin's Island Adventure" = Robin's Island Adventure (remove only)
"Romance of Rome" = Romance of Rome (remove only)
"Romancing the Seven Wonders: Taj Mahal" = Romancing the Seven Wonders: Taj Mahal (remove only)
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Season Match" = Season Match (remove only)
"Secrets of the Dark: Temple of Night" = Secrets of the Dark: Temple of Night (remove only)
"Secrets of the Past: Mother's Diary" = Secrets of the Past: Mother's Diary (remove only)
"Secrets of the Titanic: 1912-2012" = Secrets of the Titanic: 1912-2012
"Shadow Wolf Mysteries - Curse of the Full Moon" = Shadow Wolf Mysteries - Curse of the Full Moon (remove only)
"Small Town Terrors: Livingston" = Small Town Terrors: Livingston
"Smart PC Cleaner_is1" = Smart PC Cleaner v3.0
"SnappyadsGames" = Snappyads Games Collection
"SpeedItup Free_is1" = SpeedItup Free 7.85
"Sponge Bob Diner Dash 2" = Sponge Bob Diner Dash 2 (remove only)
"Spongebob Diner Dash" = Spongebob Diner Dash (remove only)
"Super Granny 6" = Super Granny 6 (remove only)
"Tales from the Dragon Mountain: The Strix" = Tales from the Dragon Mountain: The Strix (remove only)
"TBSB07396.TBSB07396Toolbar" = Freeze.com Toolbar
"Tearstone" = Tearstone (remove only)
"Texas Holdem" = Texas Holdem (remove only)
"The Agency of Anomalies: Cinderstone Orphanage" = The Agency of Anomalies: Cinderstone Orphanage
"The Agency of Anomalies: Mystic Hospital" = The Agency of Anomalies: Mystic Hospital (remove only)
"The Clumsys" = The Clumsys (remove only)
"The Enchanted Kingdom: Elisa's Adventure" = The Enchanted Kingdom: Elisa's Adventure (remove only)
"The Fall Trilogy - Chapter 1: Separation" = The Fall Trilogy - Chapter 1: Separation (remove only)
"The Hidden Object Show 2" = The Hidden Object Show 2 (remove only)
"The Institute -- A Becky Brogan Adventure" = The Institute -- A Becky Brogan Adventure (remove only)
"The Missing: a Search and Rescue Mystery" = The Missing: a Search and Rescue Mystery (remove only)
"The Tarot's Misfortune" = The Tarot's Misfortune (remove only)
"The Treasures of Mystery Island: The Ghost Ship" = The Treasures of Mystery Island: The Ghost Ship (remove only)
"Time Riddles: The Mansion" = Time Riddles: The Mansion (remove only)
"Timeless: The Forgotten Town" = Timeless: The Forgotten Town (remove only)
"TotalRecipeSearch_14bar Uninstall" = TotalRecipeSearch
"Treasure Seekers 4: The Time Has Come" = Treasure Seekers 4: The Time Has Come (remove only)
"Treasures of Montezuma 2" = Treasures of Montezuma 2 (remove only)
"Tulula: Legend of a Volcano" = Tulula: Legend of a Volcano (remove only)
"Twisted Lands: Shadow Town" = Twisted Lands: Shadow Town
"Unity" = Unity
"UnityWebPlayer" = Unity Web Player
"UPCShell" = LeapFrog Connect
"Updater Service" = Updater Service
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Vacation Quest: The Hawaiian Islands" = Vacation Quest: The Hawaiian Islands (remove only)
"Vampireville" = Vampireville (remove only)
"VDC_is1" = Video Download Converter version 1.0.0.0
"Vegas Penny Slots Pack" = Vegas Penny Slots Pack (remove only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.1
"Voodoo Whisperer: Curse of a Legend -- Collector's Edition" = Voodoo Whisperer: Curse of a Legend -- Collector's Edition (remove only)
"Wedding Dash 2 Rings Around The World" = Wedding Dash 2 Rings Around The World (remove only)
"WiFi HotSpot Creator" = WiFi HotSpot Creator
"Wild West Quest" = Wild West Quest (remove only)
"WildTangent hp Master Uninstall" = HP Games
"WildTangent hpdesktop Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WiseConvert Toolbar" = WiseConvert Toolbar
"Witche's Legacy: The Charleston Curse" = Witche's Legacy: The Charleston Curse
"Wizard Land" = Wizard Land (remove only)
"Women's Murder Club Death in Scarlet" = Women's Murder Club Death in Scarlet (remove only)
"World's Greatest Places Mahjong" = World's Greatest Places Mahjong (remove only)
"World's Greatest Temples Mahjong" = World's Greatest Temples Mahjong
"Written Legends: Nightmare at Sea" = Written Legends: Nightmare at Sea (remove only)
"WTA-027150ac-ce1a-4780-b599-0c1e3393e137" = Frogs in Love
"WTA-04758f1d-90da-4c38-a5a6-3804024942fa" = Real Crimes - Jack the Ripper
"WTA-0d355794-58d2-43f2-807a-94fd4e456056" = Jade Rousseau The Secret Revelations
"WTA-0eb704ea-e8ea-49df-8659-494ea0d68048" = Mystery P.I. - The Vegas Heist
"WTA-12b9934e-e37c-426e-9efe-4d5bcf56b1fa" = Mah Jong Adventures
"WTA-18229dc0-d515-4720-8afe-e8e0a3e35496" = Golden Trails: The New Western Rush
"WTA-1896f904-90b2-4d4d-b257-af36cc48111f" = A Gypsy's Tale: Tower of Secrets
"WTA-1cd8de17-bc99-4f4d-8c80-4849d70fa1b8" = Diego's Ultimate Rescue
"WTA-1d2e7b23-8dbf-4162-a031-48fae34a0b09" = Immortal Lovers
"WTA-21cf2612-5c95-4ab4-93a6-2f33c9188e01" = Dora the Explorer - Swiper's Big Adventure
"WTA-25eb95c6-7a76-4708-8d7c-c9e4c870fc84" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-2e52c0f5-af3a-41fd-8451-dfdf1a0a46ad" = Fishdom: Seasons Under the Sea
"WTA-3471b57e-2a7b-46c0-8a57-2e628d91a9e0" = Fish Tycoon
"WTA-387c3e04-485b-4d1e-a42d-bff37eec927a" = Fantastic Farm
"WTA-3b97fb98-caa2-452b-9437-1a8b722d684e" = Mahjongg Artifacts
"WTA-3c3cf96d-6223-4923-85c7-ab0ff4452bb5" = Oasis
"WTA-3db0a873-6b6a-433e-983b-977398d9eed3" = Mystic Gallery
"WTA-3f0632cd-fd42-44d2-b71f-dae840dd1f1d" = KaromatiX The Broken World
"WTA-3f19bf66-d09c-4983-956a-127d497d79b1" = Jewel Match 2
"WTA-43ee7365-c27e-4918-bd33-ae87a3b4ed96" = Robinson Crusoe and the Cursed Pirates
"WTA-48c8c901-7df8-48cf-8b1b-1608a8f2cd36" = Insider Tales - Vanished in Rome
"WTA-49f5b6f2-5fbc-4820-ac6b-e8c356931f0a" = The Treasures of Mystery Island 2: The Gates of Fate
"WTA-4afebc56-b83d-4427-a612-e45337f163e3" = Inner Quest
"WTA-4dda94f9-53a5-47ee-8437-6c31b1a53836" = Puzzle Quest 2
"WTA-52e7c0d2-ad7c-4a93-88b3-a1476c4c82c1" = Memory Loops
"WTA-533cd397-d7c3-453e-9185-53088ca65a71" = The Emperor's Mahjong
"WTA-546d8352-1afd-49b0-b9cf-5ce45d11bff8" = Unlikely Suspects
"WTA-5aaca09b-ad4e-4601-b30b-207907a8ba3f" = Mahjong Quest 3
"WTA-5eea5218-dfea-4ed6-97eb-8f28a05a4074" = Diner Dash - Flo Through Time
"WTA-5fbaaa51-51da-4512-b2e9-c4dacbd93a3f" = Snowy - Lunch Rush
"WTA-65648aa9-993f-4106-a4c3-ed5d179ab9fe" = Ancient Sudoku
"WTA-6949e47e-d38b-4ed5-b660-1227c927cc16" = Mahjong Escape Ancient Japan
"WTA-6c2e316c-a312-4a2e-a41b-caf6b4937698" = Incadia
"WTA-6d60e221-8823-4eb9-b9ca-712c6246e64a" = Classic Adventures - The Great Gatsby
"WTA-7f06080e-763c-4497-8e75-8d36d54d8d8e" = Fishdom - Spooky Splash
"WTA-7f4b6f9d-53e5-4e22-aaa9-0f3dd5e23526" = Women's Murder Club: Little Black Lies
"WTA-81fe09d8-0f29-4ec3-8f81-bec6845e8ae6" = Mystery P.I. - The Lottery Ticket
"WTA-86f6ef02-62d6-4202-a045-bb80655f35ef" = The Lost Kingdom Prophecy
"WTA-8ab6a5a9-0a88-41b0-a0c6-10ce532c2f7f" = Escape from Frankenstein's Castle
"WTA-8c783bc5-bf4c-43cc-8604-d53463cbfc00" = Slyder Adventures
"WTA-8d0dd0d3-aea1-4c46-952d-d75274c00211" = Diamond Detective
"WTA-9614da2a-521d-4548-ba91-4f3212613587" = Snowy - Puzzle Islands
"WTA-9801a594-bbb2-4283-99b7-9bb0fa6da554" = Special Enquiry Detail - The Hand That Feeds
"WTA-a2a5c78f-b3b9-4edd-a197-15dc349cf654" = Secrets of the Dragon Wheel
"WTA-b3f9ace3-35b4-4d70-824b-691a483148d1" = Jack the Ripper - Letters from [bleep]
"WTA-b9f1cab6-abd1-4103-9ba5-a13cadbcf8e2" = Star Crossed Love
"WTA-c99cabd6-fea5-46a4-bce0-768f89c97d5c" = Vampire Brides - Love Over Death
"WTA-ca873397-ab3f-4de5-b303-c4d6a54f9f41" = The Institute: A Becky Brogan Adventure
"WTA-cbb5bee8-f592-4780-8e73-560c78d6a568" = Luxor MahJong
"WTA-cc0efc70-b798-4a64-bd0b-a8f07e14d392" = Enlightenus
"WTA-ccd9e08e-3798-4ba2-aca8-87f4510ec382" = Maui Wowee
"WTA-d62d5966-eb00-4c7e-a069-f880b26fce56" = Banana Bugs ™
"WTA-d712d19a-9f7f-4a06-a513-a73b9abbfe59" = Garden Dreams
"WTA-d79df335-1f78-4b7f-b7a2-7205ad09b1d6" = Bookworm Adventures Volume 2
"WTA-d90a0f6b-6490-4e73-8e6f-0a773b97ee26" = Tiger Eye - Curse of the Riddle Box
"WTA-e5c9425d-7db6-47ee-b1c9-aeedf8cd5445" = Dream Day Wedding
"WTA-f4491625-473a-4ddf-b7c1-8a3f1e7925ed" = The Mysterious Case of Dr. Jekyll and Mr. Hyde
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = AT&T Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager
"Youda Legend: The Golden Bird of Paradise" = Youda Legend: The Golden Bird of Paradise (remove only)
"YTdetect" = Yahoo! Detect
"Zuma Deluxe" = Zuma Deluxe

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{6A2EF989-A524-48bf-985F-9D076B334980}" = ArcadeCandy
"Game Organizer" = EasyBits GO
"Move Media Player" = Move Media Player
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/23/2013 4:42:15 PM | Computer Name = user-PC | Source = Google Update | ID = 20
Description =

Error - 1/23/2013 5:10:21 PM | Computer Name = user-PC | Source = Google Update | ID = 20
Description =

Error - 1/23/2013 7:42:15 PM | Computer Name = user-PC | Source = Google Update | ID = 20
Description =

Error - 1/23/2013 8:10:24 PM | Computer Name = user-PC | Source = Google Update | ID = 20
Description =

Error - 1/23/2013 10:42:10 PM | Computer Name = user-PC | Source = Google Update | ID = 20
Description =

Error - 1/23/2013 11:10:44 PM | Computer Name = user-PC | Source = Google Update | ID = 20
Description =

Error - 1/24/2013 1:42:21 AM | Computer Name = user-PC | Source = Google Update | ID = 20
Description =

Error - 1/24/2013 2:03:07 AM | Computer Name = user-PC | Source = Google Update | ID = 20
Description =

Error - 1/24/2013 2:11:34 AM | Computer Name = user-PC | Source = Application Hang | ID = 1002
Description = The program PCPerformer.exe version 11.10.1.2217 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 59c Start Time: 01cdf9f8226a26d6 Termination Time: 140

Error - 1/24/2013 2:15:49 AM | Computer Name = user-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6000.16771 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 8a8 Start Time: 01cdf9f820194966 Termination Time: 94

[ Media Center Events ]
Error - 4/17/2009 1:44:22 AM | Computer Name = user-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 4/29/2009 11:16:50 PM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/21/2009 12:36:17 PM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 9/17/2009 11:18:17 AM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 9/17/2009 11:29:45 PM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 9/24/2009 11:31:20 PM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 1/13/2010 3:27:13 AM | Computer Name = user-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 4/7/2011 2:56:36 PM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 2/23/2012 2:03:45 AM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 1/23/2013 1:27:27 PM | Computer Name = user-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume HP.

Error - 1/23/2013 4:32:29 PM | Computer Name = user-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume HP.

Error - 1/23/2013 5:50:33 PM | Computer Name = user-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume HP.

Error - 1/24/2013 1:57:04 AM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/24/2013 1:57:04 AM | Computer Name = user-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/24/2013 2:02:54 AM | Computer Name = user-PC | Source = DCOM | ID = 10010
Description =

Error - 1/24/2013 2:41:06 AM | Computer Name = user-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume HP.

Error - 1/24/2013 2:56:33 AM | Computer Name = user-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume HP.

Error - 1/24/2013 2:56:33 AM | Computer Name = user-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume HP.

Error - 1/24/2013 2:56:33 AM | Computer Name = user-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.


< End of report >
  • 0

#3
flyboy1565
Posted 24 January 2013 - 09:59 AM

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.23.03

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.16982
user :: USER-PC [administrator]

1/23/2013 7:04:22 AM
mbam-log-2013-01-23 (07-04-22).txt

Scan type: Full scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 880341
Time elapsed: 14 hour(s), 41 minute(s), 39 second(s) [aborted]

Memory Processes Detected: 6
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> 3736 -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> 3744 -> Delete on reboot.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14brmon.exe (PUP.MyWebSearch) -> 3760 -> Delete on reboot.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (PUP.MyWebSearch) -> 3884 -> Delete on reboot.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe (PUP.MyWebSearch) -> 3892 -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> 1472 -> Delete on reboot.

Memory Modules Detected: 9
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zhkstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14brstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.FunWebProducts) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.FunWebProducts) -> Delete on reboot.

Registry Keys Detected: 178
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\TotalRecipeSearch_14Service (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\VideoDownloadConverter_4zService (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.FunWebProducts) -> Quarantined and deleted successfully.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.FunWebProducts) -> Quarantined and deleted successfully.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.FunWebProducts) -> Quarantined and deleted successfully.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.FunWebProducts) -> Quarantined and deleted successfully.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.FunWebProducts) -> Quarantined and deleted successfully.
HKCR\CLSID\{a0154e07-2b48-475c-a82a-80efd84ea33e} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A0154E07-2B48-475C-A82A-80EFD84EA33E} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{ab56dfde-0c14-45b3-9df6-7b0eba617870} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB56DFDE-0C14-45B3-9DF6-7B0EBA617870} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB56DFDE-0C14-45B3-9DF6-7B0EBA617870} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110011441179} (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044444479} (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055445579} (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0004479.BHO.1 (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011441179} (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011441179} (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179} (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179} (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\CLSID\{312f84fb-8970-4fd3-bddb-7012eac4afc9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{c547c6c2-561b-4169-a2a5-20ba771ca93b} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{8a7d2060-824d-4b17-b00a-759b1b5f30d9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{df22384f-cf68-4d19-969f-10423715528b} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF22384F-CF68-4D19-969F-10423715528B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF22384F-CF68-4D19-969F-10423715528B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1948934a-1c68-4b2b-9a1f-d12e2a062a1a} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{d7ce22af-ccb3-423f-84d5-4d77152181f3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{004EB151-885B-4A9E-A22D-CA98DD998D75} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.ToolbarPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.ToolbarPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1f0a2185-da7e-4614-91c0-dd5f4a76cb1b} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{16fe2505-f2a0-4782-b035-af0e5188c02c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{79583de9-d0c2-44ef-ae0d-cbfa16c2a785} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{1116A14B-F6A3-4FD9-A00E-FF8CF270EE48} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16FE2505-F2A0-4782-B035-AF0E5188C02C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{23b38049-323f-443d-9732-f454e5b15b72} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.SettingsPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.SettingsPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{23B38049-323F-443D-9732-F454E5B15B72} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{23B38049-323F-443D-9732-F454E5B15B72} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{60e91567-ef8a-4520-bce2-83aba5256799} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60E91567-EF8A-4520-BCE2-83ABA5256799} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{60E91567-EF8A-4520-BCE2-83ABA5256799} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7717f4b3-397f-4ce5-9192-6effde3ac999} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{4d8eacbc-e293-4462-b91e-42ea5b54b743} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.Radio.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.Radio (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{3276E8A8-A233-449B-A7EB-FCEE21246018} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{A0636D37-97D0-4DC4-95A6-93AABA07437F} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.RadioSettings.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.RadioSettings (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7b9f8c21-46ec-4c0b-8683-e755ef84577a} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{cf9d6d4e-5496-438e-ba24-5a580a59f5a3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CouponAlert_2p.PseudoTransparentPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CF9D6D4E-5496-438E-BA24-5A580A59F5A3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3462C343-BE19-4143-AF70-CEFB56F46FC6} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A421C8F-E238-4AEB-8874-B8B5F2CC4772} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971cee-01b8-42bc-9d91-456b1faad6be} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.MultipleButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.MultipleButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.UrlAlertButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebSearch.UrlAlertButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings (PUP.GamePlayLabs) -> Quarantined and deleted successfully.

Registry Values Detected: 21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|TotalRecipeSearch_14 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~1\TOTALR~2\bar\1.bin\14brmon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|VideoDownloadConverter Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|VideoDownloadConverter_4z Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{A0154E07-2B48-475C-A82A-80EFD84EA33E} (PUP.MyWebSearch) -> Data: N H+\G¨*€ïØN£> -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A0154E07-2B48-475C-A82A-80EFD84EA33E} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{93A3111F-4F74-4ED8-895E-D9708497629E} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{8A7D2060-824D-4B17-B00A-759B1B5F30D9} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#¥aI¶»
äG\Ê -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{7B9F8C21-46EC-4C0B-8683-E755EF84577A} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A0154E07-2B48-475C-A82A-80EFD84EA33E} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{8a7d2060-824d-4b17-b00a-759b1b5f30d9} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{7b9f8c21-46ec-4c0b-8683-e755ef84577a} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{a0154e07-2b48-475c-a82a-80efd84ea33e} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 60
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zhkstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14brstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14brmon.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.FunWebProducts) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.FunWebProducts) -> Delete on reboot.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14bar.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Giant Savings\Giant Savings.dll (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pskin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFTBPR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrcAs.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\2pradio.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\riched20.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IEOVR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PATCH.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3UNPAT.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSUABTN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Giant Savings\Giant Savings.exe (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Program Files\Giant Savings\Giant SavingsGui.exe (PUP.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Program Files\Giant Savings\Uninstall.exe (PUP.GamePlayLabs) -> Quarantined and deleted successfully.

(end)
  • 0

#4
flyboy1565
Posted 24 January 2013 - 10:04 AM

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
Also just for your information, it is waiting to do a service pack one update. I am going to wait until you tell me we're ready to do that.
  • 0

#5
Essexboy
Posted 24 January 2013 - 01:43 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi is the computer running slow perchance ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
SRV - [2012/11/20 20:08:12 | 000,652,128 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012/11/14 06:58:03 | 002,413,600 | ---- | M] () [Auto | Running] -- C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\pcpmngr.exe -- (PC Performer Manager)
SRV - [2012/06/06 08:16:30 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2011/04/28 09:14:01 | 000,036,864 | ---- | M] (CouponAlert) [Auto | Running] -- C:\Program Files\CouponAlert_2p\bar\1.bin\2pbarsvc.exe -- (CouponAlert_2pService)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026
IE - HKLM\..\URLSearchHook: {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3196716
IE - HKLM\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsea...B&si=pconverter
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026
IE - HKCU\..\URLSearchHook: {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0000018f3f26cd3
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3196716
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80565&lng=en
IE - HKCU\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.Incre...IAXwR5Objl&i=38
FF - HKLM\Software\MozillaPlugins\@CouponAlert_2p.com/Plugin: C:\Program Files\CouponAlert_2p\bar\1.bin\NP2pStub.dll (CouponAlert)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@TotalRecipeSearch_14.com/Plugin: C:\Program Files\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C176060C-6A46-4720-8BD5-23C0958ACE27}: C:\Users\user\AppData\Local\{C176060C-6A46-4720-8BD5-23C0958ACE27} [2010/01/07 17:54:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2pffxtbr@CouponAlert_2p.com: C:\Program Files\CouponAlert_2p\bar\1.bin [2013/01/23 21:49:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin [2013/01/23 21:55:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\14ffxtbr@TotalRecipeSearch_14.com: C:\Program Files\TotalRecipeSearch_14\bar\1.bin [2013/01/23 21:55:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/27 17:46:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin [2013/01/23 21:55:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\user\AppData\Roaming\Move Networks [2009/06/06 08:04:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\user\AppData\Local\ArcadeCandy\[email protected] [2012/07/02 10:33:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{182812ed-1c22-4e1f-9a8d-990282d594da}: C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/11/20 20:10:38 | 000,000,000 | ---D | M]
O2 - BHO: (Incredibar-Games EN Toolbar) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (Protected Toolbar) - {61096323-3324-48fb-925b-4206f342e162} - C:\Users\user\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll (Simplytech Ltd.)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Users\user\Jewel Quest Games\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
O2 - BHO: (ArcadeCandy Games) - {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\user\AppData\Local\ArcadeCandy\candyEX.dll (ArcadeCandy LLC)
O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
O2 - BHO: (A Free Ride Games Bar Toolbar) - {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Incredibar-Games EN Toolbar) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll File not found
O3 - HKLM\..\Toolbar: (Protected Toolbar) - {61096323-3324-48fb-925b-4206f342e162} - C:\Users\user\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (A Free Ride Games Bar Toolbar) - {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Incredibar-Games EN Toolbar) - {238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} - C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (VideoDownloadConverter) - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O3 - HKCU\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WiseConvert Toolbar) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - C:\Program Files\WiseConvert\prxtbWise.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (A Free Ride Games Bar Toolbar) - {F92A9FE4-2850-4198-B9D5-279880E49B16} - C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [CouponAlert_2p Browser Plugin Loader] C:\Program Files\CouponAlert_2p\bar\1.bin\2pbrmon.exe (CouponAlert)
O4 - HKLM..\Run: [SpeetItUpFree] C:\Program Files\SpeedItup Free\speeditupfree.exe (MicroSmarts LLC.)
O4 - HKLM..\Run: [Starter] C:\Program Files\Driver-Soft\DriverGenius\StarterW3i.exe (Driver-Soft Inc.)O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKCU..\Run: [RebateInformer] C:\Program Files\RebateInformer\RebateInf.exe (Inbox.com, Inc.)
O4 - HKCU..\Run: [Smart PC Cleaner] C:\Program Files\Smart PC Cleaner\SPCLauncher.exe (Smart PC Cleaner)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O15 - HKCU\..Trusted Domains: buy-security-essentials.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: download-soft-package.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: download-software-package.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: get-key-se10.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: is-software-download.com ([]http in Trusted sites)
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\rebinfo {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O20 - AppInit_DLLs: (c:\progra~2\pcperf~1\25912~1.8\{16cdf~1\pcpmngr.dll satulosu.dll) - File not found
[2013/01/23 22:01:04 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2013/01/23 22:00:34 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2013/01/23 20:13:02 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2013/01/23 20:00:04 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\CandyUpdater.job
[2013/01/23 15:56:16 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2013/01/23 15:01:44 | 000,000,262 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2013/01/21 20:00:00 | 000,000,662 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - user.job
[2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\Windows\System32\mobagudo
[2010/02/18 22:07:39 | 000,000,008 | ---- | C] () -- C:\Users\user\AppData\Roaming\wpp.exe
[2010/01/07 17:54:50 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\Vkone.bin
[2010/01/07 17:54:48 | 000,000,120 | ---- | C] () -- C:\Users\user\AppData\Local\Btidejo.dat
[2009/12/01 09:42:41 | 000,027,150 | ---- | C] () -- C:\Users\user\AppData\Local\slot1.mm1
[2009/01/03 16:55:42 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\7340f9db2b8cbd45
[2009/01/03 16:55:37 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\c7a25efb5811a9ca
[2009/01/03 16:55:17 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\31554495acb84a74
[2009/01/03 16:54:17 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\aaed748a2b0c0a67
[2009/01/03 16:54:12 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\e0ec521d7ed9069a
[2008/12/26 15:31:55 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\c673d89093f6c494
[2008/12/26 15:23:04 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\2bb753373a9cc2a7
[2008/12/26 15:19:34 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\1e8607d712983b24
[2008/12/26 15:19:19 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\f927f14863fcf804
[2008/12/26 15:12:13 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\35c1a60090c47e0e
[2008/12/26 15:12:08 | 000,003,262 | ---- | C] () -- C:\Users\user\AppData\Roaming\198881056b266b47
[2008/12/23 17:30:38 | 000,000,165 | ---- | C] () -- C:\ProgramData\service.dat

:Files
C:\ProgramData\IBUpdaterService
C:\ProgramData\PC Performer Manager
C:\Program Files\Protected Search
C:\Program Files\Web Assistant
C:\Program Files\SpeedItup Free
C:\Program Files\CouponAlert_2p

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN


Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that
  • 0

#6
flyboy1565
Posted 25 January 2013 - 01:25 AM

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
I think my old windows 95 runs alot faster than this thing is moving

All processes killed
========== OTL ==========
Service IBUpdaterService stopped successfully!
Service IBUpdaterService deleted successfully!
C:\ProgramData\IBUpdaterService\ibsvc.exe moved successfully.
Service PC Performer Manager stopped successfully!
Service PC Performer Manager deleted successfully!
File move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\pcpmngr.exe scheduled to be moved on reboot.
Service Web Assistant Updater stopped successfully!
Service Web Assistant Updater deleted successfully!
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe moved successfully.
Service CouponAlert_2pService stopped successfully!
Service CouponAlert_2pService deleted successfully!
C:\Program Files\CouponAlert_2p\bar\1.bin\2pbarsvc.exe moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Bar| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9}\ deleted successfully.
C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
C:\Program Files\uTorrentBar\prxtbuTor.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\ deleted successfully.
C:\Program Files\WiseConvert\prxtbWise.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{f92a9fe4-2850-4198-b9d5-279880e49b16} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f92a9fe4-2850-4198-b9d5-279880e49b16}\ deleted successfully.
C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cca2e567-1987-4100-a3c6-5b4267084510}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9}\ not found.
File C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\ not found.
File C:\Program Files\WiseConvert\prxtbWise.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{f92a9fe4-2850-4198-b9d5-279880e49b16} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f92a9fe4-2850-4198-b9d5-279880e49b16}\ not found.
File C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@CouponAlert_2p.com/Plugin\ deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\NP2pStub.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mywebsearch.com/Plugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@TotalRecipeSearch_14.com/Plugin\ deleted successfully.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@unity3d.com/UnityPlayer\ deleted successfully.
C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin\ deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@viewpoint.com/VMP\ deleted successfully.
C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0\ deleted successfully.
C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C176060C-6A46-4720-8BD5-23C0958ACE27} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C176060C-6A46-4720-8BD5-23C0958ACE27}\ not found.
C:\Users\user\AppData\Local\{C176060C-6A46-4720-8BD5-23C0958ACE27}\chrome\content folder moved successfully.
C:\Users\user\AppData\Local\{C176060C-6A46-4720-8BD5-23C0958ACE27}\chrome folder moved successfully.
C:\Users\user\AppData\Local\{C176060C-6A46-4720-8BD5-23C0958ACE27} folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2pffxtbr@CouponAlert_2p.com deleted successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin\chrome folder moved successfully.
C:\Program Files\CouponAlert_2p\bar\1.bin folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\ThirdPartyInstallers folder moved successfully.
C:\Program Files\MyWebSearch\bar\1.bin\chrome folder moved successfully.
C:\Program Files\MyWebSearch\bar\1.bin folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\14ffxtbr@TotalRecipeSearch_14.com deleted successfully.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin\chrome folder moved successfully.
C:\Program Files\TotalRecipeSearch_14\bar\1.bin folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ deleted successfully.
C:\Program Files\Web Assistant\Firefox\defaults\preferences folder moved successfully.
C:\Program Files\Web Assistant\Firefox\defaults folder moved successfully.
C:\Program Files\Web Assistant\Firefox\chrome\skin folder moved successfully.
C:\Program Files\Web Assistant\Firefox\chrome\locale\en-US folder moved successfully.
C:\Program Files\Web Assistant\Firefox\chrome\locale folder moved successfully.
C:\Program Files\Web Assistant\Firefox\chrome\content\resources folder moved successfully.
C:\Program Files\Web Assistant\Firefox\chrome\content\libraries folder moved successfully.
C:\Program Files\Web Assistant\Firefox\chrome\content folder moved successfully.
C:\Program Files\Web Assistant\Firefox\chrome folder moved successfully.
C:\Program Files\Web Assistant\Firefox folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\ThirdPartyInstallers folder moved successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\chrome folder moved successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin folder moved successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
C:\Users\user\AppData\Roaming\Move Networks\plugins folder moved successfully.
C:\Users\user\AppData\Roaming\Move Networks\ie_bin folder moved successfully.
C:\Users\user\AppData\Roaming\Move Networks folder moved successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
C:\Users\user\AppData\Local\ArcadeCandy\[email protected]\components folder moved successfully.
C:\Users\user\AppData\Local\ArcadeCandy\[email protected]\chrome folder moved successfully.
C:\Users\user\AppData\Local\ArcadeCandy\[email protected] folder moved successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{182812ed-1c22-4e1f-9a8d-990282d594da} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182812ed-1c22-4e1f-9a8d-990282d594da}\ not found.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9}\ not found.
File C:\Program Files\Incredibar-Games_EN\prxtbIncr.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
C:\Program Files\Web Assistant\Extension32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61096323-3324-48fb-925b-4206f342e162}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61096323-3324-48fb-925b-4206f342e162}\ deleted successfully.
C:\Users\user\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}\ deleted successfully.
C:\Program Files\AppGraffiti\AppGraffiti.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8CA5ED52-F3FB-4414-A105-2E3491156990}\ deleted successfully.
C:\Users\user\Jewel Quest Games\iWin Games\iWinGamesHookIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB6BD08C-DB6B-4F02-8A22-4BD343E990FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB6BD08C-DB6B-4F02-8A22-4BD343E990FF}\ deleted successfully.
C:\Users\user\AppData\Local\ArcadeCandy\candyEX.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB69577-088B-4004-9ED8-FF5BCC83A039}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCB69577-088B-4004-9ED8-FF5BCC83A039}\ deleted successfully.
C:\Program Files\RebateInformer\RebateI.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ deleted successfully.
C:\Program Files\Inbox Toolbar\Inbox.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\ not found.
File C:\Program Files\WiseConvert\prxtbWise.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f92a9fe4-2850-4198-b9d5-279880e49b16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f92a9fe4-2850-4198-b9d5-279880e49b16}\ not found.
File C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
C:\Program Files\Yontoo\YontooIEClient.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9}\ not found.
File Games_EN\prxtbIncr.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{61096323-3324-48fb-925b-4206f342e162} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61096323-3324-48fb-925b-4206f342e162}\ not found.
File C:\Users\user\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll not found.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ deleted successfully.
C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ deleted successfully.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\ not found.
File C:\Program Files\WiseConvert\prxtbWise.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{f92a9fe4-2850-4198-b9d5-279880e49b16} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f92a9fe4-2850-4198-b9d5-279880e49b16}\ not found.
File C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9}\ not found.
File Games_EN\prxtbIncr.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{48586425-6BB7-4F51-8DC6-38C88E3EBB58} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTor.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found.
File C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}\ not found.
File C:\Program Files\WiseConvert\prxtbWise.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F92A9FE4-2850-4198-B9D5-279880E49B16} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F92A9FE4-2850-4198-B9D5-279880E49B16}\ not found.
File C:\Program Files\A_Free_Ride_Games_Bar\prxtbA_F0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CommonToolkitTray deleted successfully.
C:\Program Files\Fighters\Tray\FightersTray.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CouponAlert_2p Browser Plugin Loader deleted successfully.
File C:\Program Files\CouponAlert_2p\bar\1.bin\2pbrmon.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpeetItUpFree deleted successfully.
C:\Program Files\SpeedItup Free\speeditupfree.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Starter deleted successfully.
File C:\Program Files\Driver-Soft\DriverGenius\StarterW3i.exe (Driver-Soft Inc.)O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RebateInformer deleted successfully.
C:\Program Files\RebateInformer\RebateInf.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Smart PC Cleaner deleted successfully.
C:\Program Files\Smart PC Cleaner\SPCLauncher.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\\Flags deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\\Title deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buy-security-essentials.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-soft-package.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-software-package.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\get-key-se10.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\is-software-download.com\ deleted successfully.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\inbox\ deleted successfully.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
File C:\Program Files\RebateInformer\RebateI.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\rebinfo\ deleted successfully.
File C:\Program Files\RebateInformer\RebateI.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\pcperf~1\25912~1.8\{16cdf~1\pcpmngr.dll satulosu.dll deleted successfully.
C:\Windows\Tasks\PC Optimizer Pro startups.job moved successfully.
C:\Windows\Tasks\DriverScanner.job moved successfully.
C:\Windows\Tasks\PC Performer_UPDATES.job moved successfully.
C:\Windows\Tasks\CandyUpdater.job moved successfully.
C:\Windows\Tasks\PC Optimizer Pro Updates.job moved successfully.
C:\Windows\Tasks\PC Performer_DEFAULT.job moved successfully.
C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - user.job moved successfully.
C:\Windows\System32\mobagudo moved successfully.
C:\Users\user\AppData\Roaming\wpp.exe moved successfully.
C:\Users\user\AppData\Local\Vkone.bin moved successfully.
C:\Users\user\AppData\Local\Btidejo.dat moved successfully.
C:\Users\user\AppData\Local\slot1.mm1 moved successfully.
C:\Users\user\AppData\Roaming\7340f9db2b8cbd45 moved successfully.
C:\Users\user\AppData\Roaming\c7a25efb5811a9ca moved successfully.
C:\Users\user\AppData\Roaming\31554495acb84a74 moved successfully.
C:\Users\user\AppData\Roaming\aaed748a2b0c0a67 moved successfully.
C:\Users\user\AppData\Roaming\e0ec521d7ed9069a moved successfully.
C:\Users\user\AppData\Roaming\c673d89093f6c494 moved successfully.
C:\Users\user\AppData\Roaming\2bb753373a9cc2a7 moved successfully.
C:\Users\user\AppData\Roaming\1e8607d712983b24 moved successfully.
C:\Users\user\AppData\Roaming\f927f14863fcf804 moved successfully.
C:\Users\user\AppData\Roaming\35c1a60090c47e0e moved successfully.
C:\Users\user\AppData\Roaming\198881056b266b47 moved successfully.
C:\ProgramData\service.dat moved successfully.
========== FILES ==========
C:\ProgramData\IBUpdaterService folder moved successfully.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753} scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager scheduled to be moved on reboot.
C:\Program Files\Protected Search folder moved successfully.
C:\Program Files\Web Assistant\resources folder moved successfully.
C:\Program Files\Web Assistant\libraries folder moved successfully.
C:\Program Files\Web Assistant folder moved successfully.
C:\Program Files\SpeedItup Free\Help\images folder moved successfully.
C:\Program Files\SpeedItup Free\Help folder moved successfully.
C:\Program Files\SpeedItup Free folder moved successfully.
C:\Program Files\CouponAlert_2p\bar\Settings folder moved successfully.
C:\Program Files\CouponAlert_2p\bar\Message folder moved successfully.
C:\Program Files\CouponAlert_2p\bar\History folder moved successfully.
C:\Program Files\CouponAlert_2p\bar folder moved successfully.
C:\Program Files\CouponAlert_2p folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest2
->Temp folder emptied: 116906469 bytes
->Temporary Internet Files folder emptied: 35417624 bytes
->Google Chrome cache emptied: 190070263 bytes
->Flash cache emptied: 55156 bytes

User: Public
->Temp folder emptied: 0 bytes

User: user
->Temp folder emptied: 802349719 bytes
->Temporary Internet Files folder emptied: 74858384 bytes
->Java cache emptied: 5370620 bytes
->Google Chrome cache emptied: 11197859 bytes
->Apple Safari cache emptied: 19794944 bytes
->Flash cache emptied: 3961157 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 129728 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1328230753 bytes
RecycleBin emptied: 6647925700 bytes

Total Files Cleaned = 8,808.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 01242013_223206

Files\Folders moved on Reboot...
File move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\pcpmngr.exe scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753} scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753} scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8\{16cdff19-861d-48e3-a751-d99a27784753} scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager\2.5.912.8 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\PC Performer Manager scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
  • 0

#7
Essexboy
Posted 25 January 2013 - 06:57 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
AdwCleaner should remove the entries I could not see, once you have run that and posted the log could you run a fresh OTL scan and let me know how the computer is behaving
  • 0

#8
flyboy1565
Posted 25 January 2013 - 09:21 AM

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
# AdwCleaner v2.108 - Logfile created 01/24/2013 at 23:32:00
# Updated 24/01/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium (32 bits)
# User : user - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\user\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\pc performer manager
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\user.js
Folder Deleted : C:\Program Files\A_Free_Ride_Games_Bar
Folder Deleted : C:\Program Files\AppGraffiti
Folder Deleted : C:\Program Files\BabylonToolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Program Files\Giant Savings
Folder Deleted : C:\Program Files\Inbox Toolbar
Folder Deleted : C:\Program Files\Inbox.com
Folder Deleted : C:\Program Files\Incredibar-Games_EN
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\Program Files\PlaySushi
Folder Deleted : C:\Program Files\RebateInformer
Folder Deleted : C:\Program Files\TotalRecipeSearch_14EI
Folder Deleted : C:\Program Files\uTorrentBar
Folder Deleted : C:\Program Files\VideoDownloadConverter_4z
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\WiseConvert
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\iWin
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RebateInformer
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpimglhojapikoeeifcifanbeinephdm
Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\pcperf~1\25912~1.8\{16cdf~1\pcpmngr.dll
Key Deleted : HKCU\Software\86d68be639ea44
Key Deleted : HKCU\Software\AppDataLow\PlaySushi
Key Deleted : HKCU\Software\AppDataLow\Software\A_Free_Ride_Games_Bar
Key Deleted : HKCU\Software\AppDataLow\Software\alot
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\CouponAlert_2p
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\Giant Savings
Key Deleted : HKCU\Software\AppDataLow\Software\Incredibar-Games_EN
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\ShoppingReport
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\TotalRecipeSearch_14EI
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Software\WiseConvert
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Freeze.com
Key Deleted : HKCU\Software\FunWebProducts
Key Deleted : HKCU\Software\Google\Chrome\Extensions\dpimglhojapikoeeifcifanbeinephdm
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\incredibar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\alotToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CouponAlert_2pbar Uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlaySushi
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F92A9FE4-2850-4198-B9D5-279880E49B16}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDF6C42-132C-45F5-92DE-DC13F40C6DAB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D110574-046A-43BB-A64C-4219E6A097DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21608B66-026F-4DCB-9244-0DACA328DCED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{322F82C7-DE90-4579-93AA-971DCF45B5E9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F92A9FE4-2850-4198-B9D5-279880E49B16}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKCU\Software\MyWebSearch
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\86d68be639ea44
Key Deleted : HKLM\Software\A_Free_Ride_Games_Bar
Key Deleted : HKLM\Software\AppGraffiti
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{E89A07B5-BD7A-43F9-BDA4-0DAA48AC4FA5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PSText.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0BDF6C42-132C-45F5-92DE-DC13F40C6DAB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{16E50291-5107-475B-9921-35C02AAD52BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1D110574-046A-43BB-A64C-4219E6A097DA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022442279}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23B0AE65-17D2-4491-98E5-B1AA6228DDA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D205ADF-C992-4EDA-99C3-096E13F38AB4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{322F82C7-DE90-4579-93AA-971DCF45B5E9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033443379}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CD80FC7-1D8D-4BC3-BAC6-8B9543FC57ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{411B1946-3277-4A7F-9F60-745266360613}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{41BE5DC3-212A-44A3-8811-4A54E9D2884A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{457A4CB8-0391-409D-98B4-C4CCB2849670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84576F6E-0660-4B4F-8918-BC6C975044D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86D02BCF-0E0E-444F-8A8D-2D5C4A9E6578}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8867AC9B-4426-44A2-A693-C95850D3405C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B3F577-D54A-4831-B2B4-8AACEEDA85CF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ABD76B36-FA19-47A4-936A-1FC15F99705E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF808758-C780-404C-A4EE-4526323FD9B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C2DF3856-676C-41DC-A73B-FACBDF8E81E9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DEF07ACD-BCEA-4269-933A-4087D20842BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBBC4E43-292A-40DF-88E3-3262B7521460}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBD24BD3-E272-4FA3-A8BA-C5D709757CAB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Client
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Script
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server2
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{041278C7-DF92-486D-AE85-921BDFC75A43}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F1794F2-900B-4C81-8146-9234E5CC5BE2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{21D9997E-5D2A-4737-BCBA-C958C0590295}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36A7148B-639E-423C-90BB-30B6E1A40BD7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45A8F904-D9CA-439B-9CBB-11097B45D9E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5272CCD4-4199-4B04-BF68-B28A0DCF0151}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{61DAB0AD-AD23-4E40-84AC-7C6CE64D4EB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{65D8E17B-312E-4E12-913B-A841A8631143}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6BDA50D2-5597-4C68-A842-9B857FCCDA49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6CA3D0AB-F807-462C-BA7F-E27F07F91E32}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077447779}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{860AF5D1-0735-409D-8E5F-E3E99356D7E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8997561D-CF0B-42C7-AAE6-78801B3ADC7F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{92580E8C-88F5-4551-9D9E-8147E7EE2C32}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D244EAC5-A0F5-4859-A1F8-18ABC0AC3A00}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8AF87C1-0B1E-494B-AAF0-CECC3FFEDF99}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC4DAE-7794-4E16-9A98-F6001303DCD0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB0C189-5077-4340-9838-AF7B8E792A54}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F165085B-6B85-4AD5-AD00-95552A823F6D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9D45087-1CF1-452E-9649-FDFDAC578E03}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF2EBC1C-6579-41DB-91DD-945A1C8DB2D2}
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\PlaySushi32.PlaySushi
Key Deleted : HKLM\SOFTWARE\Classes\PlaySushi32.PlaySushi.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PSText.IEButton
Key Deleted : HKLM\SOFTWARE\Classes\PSText.IEButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RebateI.Rebate Informer BHO
Key Deleted : HKLM\SOFTWARE\Classes\RebateI.RebateInformImageGen
Key Deleted : HKLM\SOFTWARE\Classes\RebateInf.RebateInfObj
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1320680
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3158970
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{20BCCE5A-C687-46FF-8DD2-AD8235F5F2B4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{53CA18E7-5223-4358-9FD9-97C62C66C5BD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{60FC9013-4A5A-4306-9695-FCE0A6617F22}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7924FD2B-877C-4395-A063-A88AB887EA6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8542E415-0E53-4261-8BE4-0D1598229D90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{975BBCC0-19DF-47C2-9AE2-D78EEFA96821}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A4116F8C-A634-4536-B9EF-6B9EBCC5BAE1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7E7FB02-C4FD-446E-8F5B-463A049935BF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EBAF2B4F-510A-47C7-86BA-E7D94D1162F6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CouponAlert_2p
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dpimglhojapikoeeifcifanbeinephdm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\Software\Inbox Toolbar
Key Deleted : HKLM\Software\Incredibar-Games_EN
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23EAC39F-D3A7-4878-AE15-8C92C9038348}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF08E71-3657-462F-898C-F7E791948F94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7225F6C9-CF64-4D6D-AE8A-169779FD7B4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E2CE51F-0FDD-4722-B988-2D66ABFFFA0D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{945B5635-12B3-4711-B36D-B3E714C0A8CB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E2BDB28-5E4F-45B0-AF82-4EF4F3C5A075}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEDF2B52-7A3E-4E9E-9952-B2850DA3698D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B299B85C-9849-4B06-81B2-E7386FEF62CF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7F48ACD-D5E0-4F48-8FD6-E925B11DA2FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC680016-621B-46FB-B55D-C1827C955547}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0BDF6C42-132C-45F5-92DE-DC13F40C6DAB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D110574-046A-43BB-A64C-4219E6A097DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{322F82C7-DE90-4579-93AA-971DCF45B5E9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{411B1946-3277-4A7F-9F60-745266360613}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8867AC9B-4426-44A2-A693-C95850D3405C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{95B3F577-D54A-4831-B2B4-8AACEEDA85CF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C2DF3856-676C-41DC-A73B-FACBDF8E81E9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\A_Free_Ride_Games_Bar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CouponAlert_2pbar Uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Incredibar-Games_EN Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlaySushi
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TBSB07396.TBSB07396Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar
Key Deleted : HKLM\Software\MyWebSearch
Key Deleted : HKLM\Software\PerformerSoft
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\Software\WiseConvert
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16982

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.56

*************************

AdwCleaner[S1].txt - [44379 octets] - [24/01/2013 23:32:00]

########## EOF - C:\AdwCleaner[S1].txt - [44440 octets] ##########
  • 0

#9
Essexboy
Posted 25 January 2013 - 09:24 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That should have speeded it up a bit, it will probably need a defrag

When I have seen the OTL log I will know what remains.. How is the computer now ?
  • 0

#10
flyboy1565
Posted 25 January 2013 - 09:42 PM

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
# AdwCleaner v2.108 - Logfile created 01/24/2013 at 23:32:00
# Updated 24/01/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium (32 bits)
# User : user - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\user\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\pc performer manager
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\user.js
Folder Deleted : C:\Program Files\A_Free_Ride_Games_Bar
Folder Deleted : C:\Program Files\AppGraffiti
Folder Deleted : C:\Program Files\BabylonToolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Program Files\Giant Savings
Folder Deleted : C:\Program Files\Inbox Toolbar
Folder Deleted : C:\Program Files\Inbox.com
Folder Deleted : C:\Program Files\Incredibar-Games_EN
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\Program Files\PlaySushi
Folder Deleted : C:\Program Files\RebateInformer
Folder Deleted : C:\Program Files\TotalRecipeSearch_14EI
Folder Deleted : C:\Program Files\uTorrentBar
Folder Deleted : C:\Program Files\VideoDownloadConverter_4z
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\WiseConvert
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\iWin
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RebateInformer
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpimglhojapikoeeifcifanbeinephdm
Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\pcperf~1\25912~1.8\{16cdf~1\pcpmngr.dll
Key Deleted : HKCU\Software\86d68be639ea44
Key Deleted : HKCU\Software\AppDataLow\PlaySushi
Key Deleted : HKCU\Software\AppDataLow\Software\A_Free_Ride_Games_Bar
Key Deleted : HKCU\Software\AppDataLow\Software\alot
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\CouponAlert_2p
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\Giant Savings
Key Deleted : HKCU\Software\AppDataLow\Software\Incredibar-Games_EN
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\ShoppingReport
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\TotalRecipeSearch_14EI
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Software\WiseConvert
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Freeze.com
Key Deleted : HKCU\Software\FunWebProducts
Key Deleted : HKCU\Software\Google\Chrome\Extensions\dpimglhojapikoeeifcifanbeinephdm
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\incredibar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\alotToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CouponAlert_2pbar Uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlaySushi
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F92A9FE4-2850-4198-B9D5-279880E49B16}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDF6C42-132C-45F5-92DE-DC13F40C6DAB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D110574-046A-43BB-A64C-4219E6A097DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21608B66-026F-4DCB-9244-0DACA328DCED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{322F82C7-DE90-4579-93AA-971DCF45B5E9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F92A9FE4-2850-4198-B9D5-279880E49B16}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKCU\Software\MyWebSearch
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\86d68be639ea44
Key Deleted : HKLM\Software\A_Free_Ride_Games_Bar
Key Deleted : HKLM\Software\AppGraffiti
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{E89A07B5-BD7A-43F9-BDA4-0DAA48AC4FA5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PSText.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0BDF6C42-132C-45F5-92DE-DC13F40C6DAB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{16E50291-5107-475B-9921-35C02AAD52BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1D110574-046A-43BB-A64C-4219E6A097DA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022442279}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23B0AE65-17D2-4491-98E5-B1AA6228DDA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D205ADF-C992-4EDA-99C3-096E13F38AB4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{322F82C7-DE90-4579-93AA-971DCF45B5E9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033443379}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CD80FC7-1D8D-4BC3-BAC6-8B9543FC57ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{411B1946-3277-4A7F-9F60-745266360613}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{41BE5DC3-212A-44A3-8811-4A54E9D2884A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{457A4CB8-0391-409D-98B4-C4CCB2849670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84576F6E-0660-4B4F-8918-BC6C975044D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86D02BCF-0E0E-444F-8A8D-2D5C4A9E6578}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8867AC9B-4426-44A2-A693-C95850D3405C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B3F577-D54A-4831-B2B4-8AACEEDA85CF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ABD76B36-FA19-47A4-936A-1FC15F99705E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF808758-C780-404C-A4EE-4526323FD9B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C2DF3856-676C-41DC-A73B-FACBDF8E81E9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DEF07ACD-BCEA-4269-933A-4087D20842BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBBC4E43-292A-40DF-88E3-3262B7521460}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBD24BD3-E272-4FA3-A8BA-C5D709757CAB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\CouponAlert_2p.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Client
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Script
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server2
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{041278C7-DF92-486D-AE85-921BDFC75A43}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F1794F2-900B-4C81-8146-9234E5CC5BE2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{21D9997E-5D2A-4737-BCBA-C958C0590295}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36A7148B-639E-423C-90BB-30B6E1A40BD7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45A8F904-D9CA-439B-9CBB-11097B45D9E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5272CCD4-4199-4B04-BF68-B28A0DCF0151}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{61DAB0AD-AD23-4E40-84AC-7C6CE64D4EB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{65D8E17B-312E-4E12-913B-A841A8631143}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6BDA50D2-5597-4C68-A842-9B857FCCDA49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6CA3D0AB-F807-462C-BA7F-E27F07F91E32}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077447779}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{860AF5D1-0735-409D-8E5F-E3E99356D7E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8997561D-CF0B-42C7-AAE6-78801B3ADC7F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{92580E8C-88F5-4551-9D9E-8147E7EE2C32}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D244EAC5-A0F5-4859-A1F8-18ABC0AC3A00}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8AF87C1-0B1E-494B-AAF0-CECC3FFEDF99}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC4DAE-7794-4E16-9A98-F6001303DCD0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB0C189-5077-4340-9838-AF7B8E792A54}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F165085B-6B85-4AD5-AD00-95552A823F6D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9D45087-1CF1-452E-9649-FDFDAC578E03}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF2EBC1C-6579-41DB-91DD-945A1C8DB2D2}
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\PlaySushi32.PlaySushi
Key Deleted : HKLM\SOFTWARE\Classes\PlaySushi32.PlaySushi.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PSText.IEButton
Key Deleted : HKLM\SOFTWARE\Classes\PSText.IEButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RebateI.Rebate Informer BHO
Key Deleted : HKLM\SOFTWARE\Classes\RebateI.RebateInformImageGen
Key Deleted : HKLM\SOFTWARE\Classes\RebateInf.RebateInfObj
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1320680
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3158970
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{20BCCE5A-C687-46FF-8DD2-AD8235F5F2B4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{53CA18E7-5223-4358-9FD9-97C62C66C5BD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{60FC9013-4A5A-4306-9695-FCE0A6617F22}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7924FD2B-877C-4395-A063-A88AB887EA6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8542E415-0E53-4261-8BE4-0D1598229D90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{975BBCC0-19DF-47C2-9AE2-D78EEFA96821}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A4116F8C-A634-4536-B9EF-6B9EBCC5BAE1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7E7FB02-C4FD-446E-8F5B-463A049935BF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EBAF2B4F-510A-47C7-86BA-E7D94D1162F6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CouponAlert_2p
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dpimglhojapikoeeifcifanbeinephdm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\Software\Inbox Toolbar
Key Deleted : HKLM\Software\Incredibar-Games_EN
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23EAC39F-D3A7-4878-AE15-8C92C9038348}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF08E71-3657-462F-898C-F7E791948F94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7225F6C9-CF64-4D6D-AE8A-169779FD7B4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E2CE51F-0FDD-4722-B988-2D66ABFFFA0D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{945B5635-12B3-4711-B36D-B3E714C0A8CB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E2BDB28-5E4F-45B0-AF82-4EF4F3C5A075}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEDF2B52-7A3E-4E9E-9952-B2850DA3698D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B299B85C-9849-4B06-81B2-E7386FEF62CF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7F48ACD-D5E0-4F48-8FD6-E925B11DA2FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC680016-621B-46FB-B55D-C1827C955547}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0BDF6C42-132C-45F5-92DE-DC13F40C6DAB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D110574-046A-43BB-A64C-4219E6A097DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{322F82C7-DE90-4579-93AA-971DCF45B5E9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{411B1946-3277-4A7F-9F60-745266360613}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8867AC9B-4426-44A2-A693-C95850D3405C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{95B3F577-D54A-4831-B2B4-8AACEEDA85CF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C2DF3856-676C-41DC-A73B-FACBDF8E81E9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\A_Free_Ride_Games_Bar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CouponAlert_2pbar Uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Incredibar-Games_EN Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlaySushi
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TBSB07396.TBSB07396Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar
Key Deleted : HKLM\Software\MyWebSearch
Key Deleted : HKLM\Software\PerformerSoft
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\Software\WiseConvert
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16982

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.56

*************************

AdwCleaner[S1].txt - [44379 octets] - [24/01/2013 23:32:00]

########## EOF - C:\AdwCleaner[S1].txt - [44440 octets] ##########
  • 0

Advertisements

#11
Essexboy
Posted 26 January 2013 - 06:58 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you post the OTL log please
  • 0

#12
flyboy1565
Posted 26 January 2013 - 10:59 AM

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
Tip: click inside this box to load the editorOTL logfile created on: 1/25/2013 7:21:49 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 48.75% Memory free
3.96 Gb Paging File | 2.75 Gb Available in Paging File | 69.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 291.83 Gb Total Space | 115.81 Gb Free Space | 39.68% Space Free | Partition Type: NTFS
Drive D: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.12% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/24 23:24:45 | 000,578,255 | ---- | M] () -- C:\Users\user\Downloads\adwcleaner.exe
PRC - [2013/01/23 22:14:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2012/11/23 11:43:43 | 000,968,592 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/11/02 04:10:42 | 013,538,584 | ---- | M] (Xportsoft Technologies) -- C:\Program Files\PC Optimizer Pro\PCOptimizerPro.exe
PRC - [2012/11/02 04:09:54 | 001,747,224 | ---- | M] (Xportsoft Technologies) -- C:\Program Files\PC Optimizer Pro\PCOptProTrays.exe
PRC - [2012/09/28 14:42:08 | 000,298,376 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2012/09/28 14:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2012/07/11 14:37:12 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012/06/01 15:15:40 | 000,217,200 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
PRC - [2012/05/10 13:11:24 | 001,267,264 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\Fighters\FighterSuiteService.exe
PRC - [2012/04/23 13:07:52 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2012/03/20 12:49:09 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Engine\2.0.18.6\ccSvcHst.exe
PRC - [2012/03/20 12:47:32 | 000,123,320 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Engine\2.0.18.6\SymcPCCULaunchSvc.exe
PRC - [2012/02/10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
PRC - [2011/04/08 07:17:40 | 000,176,848 | ---- | M] (iWin Inc.) -- C:\Users\user\Jewel Quest Games\iWin Games\iWinTrusted.exe
PRC - [2010/11/02 21:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2010/01/15 04:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2008/10/28 22:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006/11/02 04:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/24 23:24:45 | 000,578,255 | ---- | M] () -- C:\Users\user\Downloads\adwcleaner.exe
MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV - [2012/09/28 14:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/01 15:15:40 | 000,217,200 | ---- | M] (SPAMfighter ApS) [On_Demand | Running] -- C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe -- (Common Toolkit Tools)
SRV - [2012/05/10 13:11:24 | 001,267,264 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Program Files\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - [2012/03/20 12:49:09 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.18.6\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2012/03/20 12:47:32 | 000,123,320 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.18.6\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2012/02/10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/04/08 07:17:40 | 000,176,848 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Users\user\Jewel Quest Games\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/11/02 21:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/01/15 04:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/03/18 15:52:32 | 000,020,480 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/04/18 02:01:02 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/09 15:30:14 | 000,065,536 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2005/04/18 10:38:59 | 000,046,680 | R--- | M] (America Online) [On_Demand | Stopped] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011/05/13 02:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/10/01 09:37:42 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 15:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 15:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2010/04/22 17:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 18:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/10/09 21:23:06 | 000,033,792 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btblan.sys -- (LeapFrog-USBLAN)
DRV - [2009/05/13 11:41:02 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2009/05/13 11:41:02 | 000,090,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus)
DRV - [2009/05/13 11:41:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2008/05/08 04:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 04:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/06 20:15:00 | 007,568,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/05/04 01:29:10 | 001,065,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2005/12/12 08:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2003/01/10 13:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{2CC70DD6-A9A3-4A4E-837B-65604BE5B7B6}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{2F9692BA-B015-45C6-9E34-1076E967AE57}: "URL" = http://search.live.c...#38;FORM=HVDUS7
IE - HKLM\..\SearchScopes\{46247275-B91A-44B5-9D9F-144803602B5F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\user\AppData\Roaming\Move Networks\plugins\npqmp071500000347.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\user\AppData\Roaming\Move Networks\plugins\npqmp071500000347.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2011/07/16 19:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2011/07/16 19:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2011/07/16 19:33:17 | 000,000,000 | ---D | M]

[2011/04/30 15:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions
[2009/12/24 07:13:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/01/26 09:55:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\extensions
[2012/01/26 09:55:25 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/11/20 20:13:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Application Manager (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.459_0\npbrowserext.dll
CHR - plugin: ArcadeCandy Textlinks Plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfegheljpcijmdgonkecjpcaopjlpac\1.22.359_0\npCandyx.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: widdit (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb\1.6_0\npwiddit.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Coupon Alert Plugin Stub (Enabled) = C:\Program Files\CouponAlert_2p\bar\1.bin\NP2pStub.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files\Free Ride Games\npExentCtl.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealArcade Mozilla Plugin (Enabled) = C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\user\AppData\Roaming\Move Networks\plugins\npqmp071500000347.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Protected Toolbar = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb\1.6_0\
CHR - Extension: Skype Click to Call = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: ArcadeCandy Games = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfegheljpcijmdgonkecjpcaopjlpac\1.22.359_0\

O1 HOSTS File: ([2013/01/24 22:35:19 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe File not found
O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\Launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [FDPRO-501] C:\Program Files\Fighters\FighterLauncher.exe (SPAMfighter ApS)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED [2010/11/24 09:49:06 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {00085C14-0000-0000-0000-000000000000} https://cwscp.sbcis....igInstaller.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D913DF22-085F-461E-9049-97410F6329D3}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll) - c:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/09 13:16:52 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1a2154f5-139e-11df-acf4-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{1a2154f5-139e-11df-acf4-00038a000015}\Shell\AutoRun\command - "" = L:\NPSAI.exe
O33 - MountPoints2\{48fceae9-f01c-11dc-9c31-0018f3f26cd3}\Shell - "" = AutoRun
O33 - MountPoints2\{48fceae9-f01c-11dc-9c31-0018f3f26cd3}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk /p \??\K:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/24 23:13:22 | 000,000,000 | -HSD | C] -- C:\found.002
[2013/01/24 22:32:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/23 22:14:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2013/01/23 22:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013/01/22 21:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/22 21:16:01 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/01/22 21:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/02/29 09:44:09 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 30 Days ==========

[2013/01/25 07:20:43 | 000,671,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/25 07:20:43 | 000,124,520 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/25 07:15:27 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2013/01/25 07:14:55 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/25 07:13:31 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 07:13:31 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 07:13:29 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2013/01/25 07:13:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/25 07:01:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/25 06:42:02 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3573830000-260418385-2138264800-1000UA.job
[2013/01/25 04:48:15 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BA83A949-3E47-42DA-A9E5-9C3DE16332D1}.job
[2013/01/24 22:35:19 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/01/24 21:55:34 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for user.job
[2013/01/24 15:42:04 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3573830000-260418385-2138264800-1000Core.job
[2013/01/24 11:00:01 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Scan.job
[2013/01/24 08:00:59 | 000,001,951 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk
[2013/01/23 22:14:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2013/01/23 22:01:11 | 000,000,032 | ---- | M] () -- C:\ProgramData\ftstate.ini
[2013/01/23 06:58:10 | 000,001,957 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/12 22:58:56 | 000,000,556 | ---- | M] () -- C:\Windows\System32\MyDefrag.debuglog
[2013/01/11 03:22:36 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job
[2012/12/26 21:24:28 | 000,000,761 | ---- | M] () -- C:\Users\Public\Desktop\Play Pirate101.lnk
[2012/12/26 18:34:57 | 000,000,755 | ---- | M] () -- C:\Users\user\Desktop\Play Wizard101.lnk

========== Files Created - No Company Name ==========

[2013/01/24 23:20:47 | 000,000,436 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2013/01/24 23:20:46 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2013/01/24 08:00:59 | 000,001,951 | ---- | C] () -- C:\Users\user\Desktop\Google Chrome.lnk
[2013/01/12 22:58:56 | 000,000,556 | ---- | C] () -- C:\Windows\System32\MyDefrag.debuglog
[2012/12/26 21:24:28 | 000,000,761 | ---- | C] () -- C:\Users\Public\Desktop\Play Pirate101.lnk
[2012/12/26 18:34:57 | 000,000,755 | ---- | C] () -- C:\Users\user\Desktop\Play Wizard101.lnk
[2012/12/03 16:53:59 | 000,000,032 | ---- | C] () -- C:\ProgramData\ftstate.ini
[2012/11/02 18:14:11 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012/07/02 16:15:12 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/05/01 20:03:13 | 000,000,552 | ---- | C] () -- C:\Users\user\AppData\Local\d3d8caps.dat
[2011/07/16 19:08:11 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/07/16 19:08:11 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/02/10 13:51:27 | 000,000,013 | ---- | C] () -- C:\Users\user\cvdm.err
[2010/04/20 15:17:45 | 000,000,632 | RHS- | C] () -- C:\Users\user\ntuser.pol
[2008/08/26 00:03:01 | 000,007,268 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2007/04/23 09:45:14 | 000,000,092 | ---- | C] () -- C:\Users\user\AppData\Local\fusioncache.dat
[2007/03/05 12:29:22 | 000,005,678 | ---- | C] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2007/02/04 14:34:58 | 000,016,384 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/11/06 04:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/02 20:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 01:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:09CD1DC6
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:F878F14A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:4790A691
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:FEB4D048
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2530BFBE
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:F5D81BA1
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:F1020F9B
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:EF84937D
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E6B3E318
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8396B0AE
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0E1DD4C5
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:F49E02D5
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:8DF2258A
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:501DF0E0
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:08390D61
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:FE49EF15
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:EBDA021F
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C76BA037
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:9A1A77DD
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:665C0715
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:407F3936
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:22910851
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0C889ACE
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:F24AD862
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:C72A744C
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:8B09E09D
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:678F890D
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:5E86F333
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:C5CE2DF6
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:AE531EFF
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9F47F32C
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:75A5CED2
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:6C1FEFDE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:3BA734DE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:07F6D9E4
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:F5B3D15A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:E7730732
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:C92A6B45
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:7434FA5A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:093F44E8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:6F6F26B0
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:685F5579
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:679E30C6
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:F662888F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A46FE1DB
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:933604B8
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:B29E86D2
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:985F2B95
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:8164A00A
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:7CC16245
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:6348AC97
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:DB2BB17F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:ACE7A9BB
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:76C56CCB
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:51EFAA18
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:E8382F78
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:E21D3CA0
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:7BB47057
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:5BEA5951
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:15606AA7
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:07A0D262
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:A93A1878
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:CBB4BFCD
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:94124B85
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:1C23B857
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E3BD4B99
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:D2A5A561
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:3FA3A49D
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:335F49EA
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:172B8774
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0E22C5DB
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:C81971AB
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:8B4640AA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FEB8979F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:EF258AD5
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:40464012
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8B2A48B2
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8459971E
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:4F31D675
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:298B8F0F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:20D4F98B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:15B5F596
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:DADCBB58
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:A18D1A5B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:53B5A0D5
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:52C5F022
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:33C6377A
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:2540E96D
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B35A4CE2
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:9BAFBDA0
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:245D8023
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:243034F9
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:148B621E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:F71B881A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:0407674B
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:66C6A515
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:4D3521E6
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:16D21E17
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0E544CF5
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:6A37FCC3
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3D4041D5
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3D2D7F22
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C3CB23B4
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:AED4FFF5
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:68684FAE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:0E660858
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:F0CAA752
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:E5DE9C8F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6A46CD9E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0F83FB96
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:06E98522
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D29B16C5
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:AA199F0F
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:5064C5F0
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4A3B96F5
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:C62F5141
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:9EBA3797
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:3318EE32
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F6A0889A
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:CFF654D3
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:7FC2B38E
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:E98B604F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:7FD199E4
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:4C801DF0
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:3BB3AE6B
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2E426A1F
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:FE53E4F7
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:3BCA993F
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:1E93E0ED
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:F6C0CA66
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D387C245
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:4A0829E0

< End of report >


My apolofies, i thought that i had copied the new otl log..

any web page i access i get a weird box that has the site name at the top of the box, then says something about expTypeError and some long explanation.
Then a page that KASPERHEY says is bad pops up....
  • 0

#13
Essexboy
Posted 26 January 2013 - 12:36 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Which browser do you get that in ?

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#14
flyboy1565
Posted 27 January 2013 - 10:57 PM

flyboy1565

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 403 posts
it does this in chrome, and combofix didn't create a log
  • 0

#15
Essexboy
Posted 28 January 2013 - 08:09 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you start chrome in Incognito mode to determine whether that stops the redirect problem

http://support.googl...en&answer=95464
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP