Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Laptop Windows 7 - 64-Bit Boot Problem [Solved]


  • This topic is locked This topic is locked

#1
alicia63

alicia63

    Member

  • Member
  • PipPip
  • 11 posts
I am a student and my computer has stopped booting. I REALLY need this computer for school. I saw the topic

http://www.geekstogo...up-repair-loop/

My computer is doing basically the same thing as that issue, but I do not remember seeing any virus or anything. I followed the steps up to creating the FRST.txt file. Would someone please help me? I have copied the FRST.txt contents here. If Essexboy would help me that would be great.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2013 (ATTENTION: FRST version is 23 days old)
Ran by SYSTEM at 05-04-2013 21:39:41
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [482661 2011-11-03] ()
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 [67496 2012-08-21] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE [1681472 2012-11-22] (Bandoo Media Inc)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2731296 2013-03-06] (Conduit)
HKLM-x32\...\Run: [lxcrmon.exe] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe" [x]
HKLM-x32\...\Run: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\ezprint.exe" [x]
HKU\Alicia\...\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" [x]
HKU\Alicia\...\Run: [Facebook Update] "C:\Users\Alicia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-11-29] (Facebook Inc.)
HKU\Alicia\...\Run: [SearchProtect] C:\Users\Alicia\AppData\Roaming\SearchProtect\bin\cltmng.exe [2731296 2013-03-06] (Conduit)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll
Startup: C:\Users\Alicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)

==================== Services (Whitelisted) ===================

2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [93984 2013-03-06] (Conduit)
2 dlea_device; C:\windows\system32\dleacoms.exe -service [1054888 2009-07-01] ( )
2 lxcr_device; C:\windows\SysWOW64\lxcrcoms.exe -service [566192 2006-12-11] ( )
2 N360; "C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\diMaster.dll" /prefetch:1 [309688 2012-04-12] (Symantec Corporation)
2 WajamUpdater; "C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe" [109064 2012-06-14] (Wajam)
2 0110751346975830mcinstcleanup; C:\Users\Alicia\AppData\Local\Temp\011075~1.EXE -cleanup -nolog [x]

==================== Drivers (Whitelisted) =====================

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130116.013\BHDrvx64.sys [1388120 2013-01-15] (Symantec Corporation)
1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-09-06] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130126.002\IDSvia64.sys [513184 2013-01-04] (Symantec Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130129.005\ENG64.SYS [126192 2013-01-19] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130129.005\EX64.SYS [2087664 2013-01-19] (Symantec Corporation)
3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604000.009\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604000.009\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
0 SymDS; C:\Windows\System32\drivers\N360x64\0604000.009\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\N360x64\0604000.009\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-09-06] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604000.009\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-04-04 20:18 - 2013-04-04 20:18 - 00000000 ____D C:\ProgramData\Application Data\APN
2013-04-04 20:18 - 2013-04-04 20:18 - 00000000 ____D C:\ProgramData\APN
2013-04-04 19:39 - 2013-04-04 20:32 - 00017992 ____A C:\Windows\SysWOW64\LexFiles.ulf
2013-04-04 19:39 - 2013-04-04 19:39 - 00000379 ____A C:\lxcr.log
2013-04-04 19:39 - 2006-12-11 12:12 - 00566192 ____A ( ) C:\Windows\SysWOW64\lxcrcoms.exe
2013-04-04 19:39 - 2006-12-11 12:12 - 00233392 ____A ( ) C:\Windows\SysWOW64\lxcrih.exe
2013-04-04 19:39 - 2006-12-11 11:12 - 00181168 ____A ( ) C:\Windows\SysWOW64\lxcrppls.exe
2013-04-04 19:39 - 2006-12-11 11:08 - 00002365 ____A C:\Windows\SysWOW64\lxcr.loc
2013-04-04 19:39 - 2006-11-29 06:26 - 00091136 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrinsr.dll
2013-04-04 19:39 - 2006-11-29 06:26 - 00023040 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrcur.dll
2013-04-04 19:39 - 2006-11-29 06:24 - 00131584 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrjswr.dll
2013-04-04 19:39 - 2006-11-29 06:22 - 00184320 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrinsb.dll
2013-04-04 19:39 - 2006-11-29 06:22 - 00067584 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrcub.dll
2013-04-04 19:39 - 2006-11-29 06:21 - 00236032 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrins.dll
2013-04-04 19:39 - 2006-11-29 06:21 - 00097280 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrcu.dll
2013-04-04 19:39 - 2006-11-29 06:20 - 00654336 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrutil.dll
2013-04-04 19:39 - 2006-11-28 04:57 - 00385024 ____A () C:\Windows\SysWOW64\lxcrcomx.dll
2013-04-04 19:39 - 2006-11-06 18:56 - 00409600 ____A ( ) C:\Windows\SysWOW64\lxcrpmui.dll
2013-04-04 19:39 - 2006-11-06 18:53 - 01417728 ____A ( ) C:\Windows\SysWOW64\lxcrserv.dll
2013-04-04 19:39 - 2006-11-06 18:38 - 00249856 ____A ( ) C:\Windows\SysWOW64\lxcrcomm.dll
2013-04-04 19:39 - 2006-11-06 18:34 - 00487424 ____A ( ) C:\Windows\SysWOW64\lxcrlmpm.dll
2013-04-04 19:39 - 2006-11-06 18:31 - 00226816 ____A ( ) C:\Windows\SysWOW64\lxcriesc.dll
2013-04-04 19:39 - 2006-11-06 18:27 - 00010752 ____A ( ) C:\Windows\SysWOW64\lxcrpplc.dll
2013-04-04 19:39 - 2006-11-06 18:25 - 00695808 ____A ( ) C:\Windows\SysWOW64\lxcrcomc.dll
2013-04-04 19:39 - 2006-11-06 18:24 - 00035328 ____A ( ) C:\Windows\SysWOW64\lxcrprox.dll
2013-04-04 19:39 - 2006-11-06 18:14 - 00238592 ____A ( ) C:\Windows\SysWOW64\lxcrinpa.dll
2013-04-04 19:39 - 2006-11-06 18:12 - 01099264 ____A ( ) C:\Windows\SysWOW64\lxcrusb1.dll
2013-04-04 19:39 - 2006-11-06 16:25 - 00274432 ____A C:\Windows\SysWOW64\LXCRinst.dll
2013-04-04 19:39 - 2006-09-06 05:10 - 00077824 ____A (Lexmark International) C:\Windows\SysWOW64\LXCRcfg.dll
2013-04-04 19:39 - 2006-05-09 17:11 - 00983107 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lxcrgf.dll
2013-04-04 19:39 - 2006-02-07 18:47 - 00535647 ____A C:\Windows\SysWOW64\lxcrhelp.chm
2013-04-04 15:14 - 2013-04-04 15:14 - 00000000 ____D C:\Users\Alicia\Application Data\RealNetworks
2013-04-04 15:14 - 2013-04-04 15:14 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\RealNetworks
2013-03-26 13:57 - 2013-02-11 23:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-03-20 22:59 - 2013-03-20 22:59 - 00000102 ____A C:\qehjlhawlh
2013-03-20 22:59 - 2013-03-20 22:59 - 00000101 ____A C:\Windows\SysWOW64\nocfhjfaujf
2013-03-20 22:59 - 2013-03-20 22:59 - 00000100 ____A C:\Windows\plmadfhdashd
2013-03-20 22:56 - 2013-03-20 23:04 - 00000000 ____D C:\Users\Alicia\Application Data\PerformerSoft
2013-03-20 22:56 - 2013-03-20 23:04 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\PerformerSoft
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Local Settings\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\AppData\Local\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Program Files (x86)\appbario7
2013-03-20 22:56 - 2012-12-19 14:53 - 00019632 ____A (PerformerSoft LLC) C:\Windows\System32\roboot64.exe
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\Application Data\SearchProtect
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\Application Data\File Scout
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\SearchProtect
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\File Scout
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\ProgramData\Application Data\IBUpdaterService
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-03-20 22:46 - 2013-03-20 22:48 - 00000000 ____D C:\Users\Alicia\Easy Flyer Creator
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Local Settings\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\AppData\Local\Peridot_Technologies
2013-03-20 22:45 - 2013-03-20 22:46 - 00000000 ____D C:\Program Files (x86)\Easy Flyer Creator 3.0
2013-03-20 22:45 - 2013-03-20 22:45 - 00002607 ____A C:\Users\Public\Desktop\Easy Flyer Creator 3.0.lnk
2013-03-20 22:45 - 2013-03-20 22:45 - 00002607 ____A C:\ProgramData\Desktop\Easy Flyer Creator 3.0.lnk
2013-03-20 22:45 - 2013-03-20 22:45 - 00000000 ____D C:\ProgramData\Easy Flyer Creator
2013-03-20 22:45 - 2013-03-20 22:45 - 00000000 ____D C:\ProgramData\Application Data\Easy Flyer Creator
2013-03-14 02:05 - 2013-02-02 02:31 - 17815040 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-03-14 02:05 - 2013-02-02 01:58 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-03-14 02:05 - 2013-02-02 01:57 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-03-14 02:05 - 2013-02-02 01:48 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-03-14 02:05 - 2013-02-02 01:47 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-03-14 02:05 - 2013-02-02 01:47 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-03-14 02:05 - 2013-02-02 01:46 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-03-14 02:05 - 2013-02-02 01:43 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-03-14 02:05 - 2013-02-02 01:42 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-03-14 02:05 - 2013-02-02 01:42 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-03-14 02:05 - 2013-02-02 01:41 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-03-14 02:05 - 2013-02-02 01:40 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-03-14 02:05 - 2013-02-02 01:39 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-03-14 02:05 - 2013-02-02 01:38 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-03-14 02:05 - 2013-02-02 01:38 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-03-14 02:05 - 2013-02-02 01:34 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-03-14 02:05 - 2013-02-01 23:09 - 12321792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-03-14 02:05 - 2013-02-01 22:42 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-03-14 02:05 - 2013-02-01 22:38 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-03-14 02:05 - 2013-02-01 22:31 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-03-14 02:05 - 2013-02-01 22:30 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-03-14 02:05 - 2013-02-01 22:30 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-03-14 02:05 - 2013-02-01 22:29 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-03-14 02:05 - 2013-02-01 22:27 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-03-14 02:05 - 2013-02-01 22:26 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-03-14 02:05 - 2013-02-01 22:26 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-03-14 02:05 - 2013-02-01 22:26 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-03-14 02:05 - 2013-02-01 22:25 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-03-14 02:05 - 2013-02-01 22:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-03-14 02:05 - 2013-02-01 22:23 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-03-14 02:05 - 2013-02-01 22:23 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-03-14 02:05 - 2013-02-01 22:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-03-13 21:49 - 2013-03-13 21:49 - 00275392 ____A C:\Windows\Minidump\031313-37611-01.dmp
2013-03-13 02:01 - 2013-03-14 02:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-09 19:18 - 2013-03-09 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox


==================== One Month Modified Files and Folders =======

2013-04-05 21:37 - 2013-04-05 21:37 - 00000000 ____D C:\FRST
2013-04-05 20:29 - 2012-10-01 17:25 - 00000000 ___RD C:\Users\Alicia\Dropbox
2013-04-05 20:29 - 2012-10-01 17:12 - 00000000 ____D C:\Users\Alicia\Application Data\Dropbox
2013-04-05 20:29 - 2012-10-01 17:12 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\Dropbox
2013-04-05 20:29 - 2012-03-19 14:52 - 01200753 ____A C:\Windows\WindowsUpdate.log
2013-04-05 20:28 - 2012-11-29 21:45 - 00000932 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4146025234-3801914709-857404776-1001UA.job
2013-04-05 20:28 - 2012-11-29 21:45 - 00000910 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4146025234-3801914709-857404776-1001Core.job
2013-04-05 20:28 - 2012-09-06 04:05 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:32 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-04-04 20:46 - 2009-07-13 23:45 - 00020928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-04-04 20:46 - 2009-07-13 23:45 - 00020928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-04-04 20:43 - 2009-07-14 00:13 - 00779788 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-04 20:39 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-04-04 20:39 - 2009-07-13 23:51 - 00065882 ____A C:\Windows\setupact.log
2013-04-04 20:32 - 2013-04-04 19:39 - 00017992 ____A C:\Windows\SysWOW64\LexFiles.ulf
2013-04-04 20:18 - 2013-04-04 20:18 - 00000000 ____D C:\ProgramData\Application Data\APN
2013-04-04 20:18 - 2013-04-04 20:18 - 00000000 ____D C:\ProgramData\APN
2013-04-04 20:13 - 2012-11-25 12:43 - 00000000 ____D C:\Users\Alicia\Local Settings\CrashDumps
2013-04-04 20:13 - 2012-11-25 12:43 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\CrashDumps
2013-04-04 20:13 - 2012-11-25 12:43 - 00000000 ____D C:\Users\Alicia\AppData\Local\CrashDumps
2013-04-04 20:01 - 2012-08-30 22:58 - 00000000 ____D C:\Users\Alicia\Application Data\Roxio
2013-04-04 20:01 - 2012-08-30 22:58 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\Roxio
2013-04-04 19:39 - 2013-04-04 19:39 - 00000379 ____A C:\lxcr.log
2013-04-04 15:14 - 2013-04-04 15:14 - 00000000 ____D C:\Users\Alicia\Application Data\RealNetworks
2013-04-04 15:14 - 2013-04-04 15:14 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\RealNetworks
2013-04-04 08:45 - 2013-01-30 14:24 - 00000000 ____A C:\END
2013-04-01 21:38 - 2012-08-30 13:07 - 00000000 ____D C:\Users\Alicia\Local Settings\Nero
2013-04-01 21:38 - 2012-08-30 13:07 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Nero
2013-04-01 21:38 - 2012-08-30 13:07 - 00000000 ____D C:\Users\Alicia\AppData\Local\Nero
2013-03-31 21:07 - 2012-10-01 17:25 - 00001025 ____A C:\Users\Alicia\Desktop\Dropbox.lnk
2013-03-21 15:39 - 2013-02-11 23:23 - 00000099 ____A C:\Users\Public\LMDebug.log
2013-03-21 13:16 - 2012-08-30 23:51 - 00000000 ____D C:\users\Alicia
2013-03-21 13:16 - 2009-07-13 23:45 - 00370832 ____A C:\Windows\System32\FNTCACHE.DAT
2013-03-21 02:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-03-20 23:04 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Application Data\PerformerSoft
2013-03-20 23:04 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\PerformerSoft
2013-03-20 23:01 - 2012-08-30 22:57 - 00000000 ____D C:\Users\Alicia\Local Settings\VirtualStore
2013-03-20 23:01 - 2012-08-30 22:57 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\VirtualStore
2013-03-20 23:01 - 2012-08-30 22:57 - 00000000 ____D C:\Users\Alicia\AppData\Local\VirtualStore
2013-03-20 22:59 - 2013-03-20 22:59 - 00000102 ____A C:\qehjlhawlh
2013-03-20 22:59 - 2013-03-20 22:59 - 00000101 ____A C:\Windows\SysWOW64\nocfhjfaujf
2013-03-20 22:59 - 2013-03-20 22:59 - 00000100 ____A C:\Windows\plmadfhdashd
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Local Settings\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\AppData\Local\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Program Files (x86)\appbario7
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\Application Data\SearchProtect
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\Application Data\File Scout
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\SearchProtect
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\File Scout
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\ProgramData\Application Data\IBUpdaterService
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-03-20 22:48 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Easy Flyer Creator
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Local Settings\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\AppData\Local\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:45 - 00000000 ____D C:\Program Files (x86)\Easy Flyer Creator 3.0
2013-03-20 22:46 - 2012-08-30 23:52 - 00092208 ____A C:\Users\Alicia\Local Settings\GDIPFONTCACHEV1.DAT
2013-03-20 22:46 - 2012-08-30 23:52 - 00092208 ____A C:\Users\Alicia\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-03-20 22:46 - 2012-08-30 23:52 - 00092208 ____A C:\Users\Alicia\AppData\Local\GDIPFONTCACHEV1.DAT
2013-03-20 22:45 - 2013-03-20 22:45 - 00002607 ____A C:\Users\Public\Desktop\Easy Flyer Creator 3.0.lnk
2013-03-20 22:45 - 2013-03-20 22:45 - 00002607 ____A C:\ProgramData\Desktop\Easy Flyer Creator 3.0.lnk
2013-03-20 22:45 - 2013-03-20 22:45 - 00000000 ____D C:\ProgramData\Easy Flyer Creator
2013-03-20 22:45 - 2013-03-20 22:45 - 00000000 ____D C:\ProgramData\Application Data\Easy Flyer Creator
2013-03-14 10:36 - 2013-02-14 12:53 - 00000000 ____D C:\Users\Alicia\My Documents\OneNote Notebooks
2013-03-14 10:36 - 2013-02-14 12:53 - 00000000 ____D C:\Users\Alicia\Documents\OneNote Notebooks
2013-03-14 10:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-03-14 02:41 - 2012-09-06 04:05 - 00693976 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-03-14 02:41 - 2012-03-16 17:24 - 00073432 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-03-14 02:07 - 2012-09-06 19:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-03-14 02:07 - 2012-09-06 19:09 - 00000000 ____D C:\ProgramData\Application Data\Microsoft Help
2013-03-14 02:02 - 2013-03-13 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-14 02:02 - 2012-03-16 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-03-13 22:28 - 2012-09-04 02:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-13 22:28 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-03-13 21:49 - 2013-03-13 21:49 - 00275392 ____A C:\Windows\Minidump\031313-37611-01.dmp
2013-03-13 21:49 - 2013-01-27 09:13 - 00000000 ____D C:\Windows\Minidump
2013-03-13 21:49 - 2013-01-27 00:09 - 284618046 ____A C:\Windows\MEMORY.DMP
2013-03-12 10:29 - 2012-09-08 19:51 - 00000000 ____D C:\Users\Alicia\Application Data\Skype
2013-03-12 10:29 - 2012-09-08 19:51 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\Skype
2013-03-11 18:29 - 2013-03-03 18:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-03-09 19:18 - 2013-03-09 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-03-06 05:38 - 2011-06-11 02:58 - 00770384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-03-06 05:38 - 2011-06-11 02:58 - 00421200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-03-13 02:00:57
Restore point made on: 2013-03-14 02:01:39
Restore point made on: 2013-03-20 22:44:56
Restore point made on: 2013-03-20 23:06:44
Restore point made on: 2013-03-27 02:01:21
Restore point made on: 2013-04-04 21:14:17

==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 3692.02 MB
Available physical RAM: 2895.29 MB
Total Pagefile: 3690.22 MB
Available Pagefile: 2887.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:401.81 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:14.65 GB) (Free:5.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: () (Removable) (Total:3.73 GB) (Free:3.52 GB) NTFS
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 3819 MB 0 B

Partitions of Disk 0:
===============

Disk ID: FCBEF42E

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 100 MB 1024 KB
Partition 2 Primary 14 GB 101 MB
Partition 3 Primary 451 GB 14 GB

==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 DELLUTILITY FAT Partition 100 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D Recovery NTFS Partition 14 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 451 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Disk ID: 1DAF635D

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3819 MB 31 KB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F NTFS Removable 3819 MB Healthy

=========================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: FCBEF42E

Partition 1:
=========
Hex: 00202100DEDF130C0008000000200300
Active: NO
Type: DE
Size: 100 MB

Partition 2:
=========
Hex: 80DF140C07FEFFFF0028030000C0D401
Active: YES
Type: 07 (NTFS)
Size: 15 GB

Partition 3:
=========
Hex: 00FEFFFF07FEFFFF00E8D70130706038
Active: NO
Type: 07 (NTFS)
Size: 451 GB

==============================
Partitions of Disk 1:
===============
Disk ID: 1DAF635D

Partition 1:
=========
Hex: 8001010007FE7FE53F000000C15A7700
Active: YES
Type: 07 (NTFS)
Size: 4 GB


Last Boot: 2013-04-04 21:07

==================== End Of Log =============================
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi prior to the boot failure did you download or update any programmes ? Also what error if any do you get when you try to boot

Download the attached Fixlist.txt to the same USB as FRST
[attachment=64132:fixlist.txt]
Run FRST as before and press Fix
Are you now able to boot to normal mode
  • 0

#3
alicia63

alicia63

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
I have rebooted a couple of times and it seems good so far! Thank you!! :)
  • 0

#4
alicia63

alicia63

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Here is the FRST report

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2013 (ATTENTION: FRST version is 23 days old)
Ran by SYSTEM at 05-04-2013 21:39:41
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [482661 2011-11-03] ()
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 [67496 2012-08-21] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE [1681472 2012-11-22] (Bandoo Media Inc)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2731296 2013-03-06] (Conduit)
HKLM-x32\...\Run: [lxcrmon.exe] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe" [x]
HKLM-x32\...\Run: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\ezprint.exe" [x]
HKU\Alicia\...\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" [x]
HKU\Alicia\...\Run: [Facebook Update] "C:\Users\Alicia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-11-29] (Facebook Inc.)
HKU\Alicia\...\Run: [SearchProtect] C:\Users\Alicia\AppData\Roaming\SearchProtect\bin\cltmng.exe [2731296 2013-03-06] (Conduit)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll
Startup: C:\Users\Alicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)

==================== Services (Whitelisted) ===================

2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [93984 2013-03-06] (Conduit)
2 dlea_device; C:\windows\system32\dleacoms.exe -service [1054888 2009-07-01] ( )
2 lxcr_device; C:\windows\SysWOW64\lxcrcoms.exe -service [566192 2006-12-11] ( )
2 N360; "C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\diMaster.dll" /prefetch:1 [309688 2012-04-12] (Symantec Corporation)
2 WajamUpdater; "C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe" [109064 2012-06-14] (Wajam)
2 0110751346975830mcinstcleanup; C:\Users\Alicia\AppData\Local\Temp\011075~1.EXE -cleanup -nolog [x]

==================== Drivers (Whitelisted) =====================

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130116.013\BHDrvx64.sys [1388120 2013-01-15] (Symantec Corporation)
1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-09-06] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130126.002\IDSvia64.sys [513184 2013-01-04] (Symantec Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130129.005\ENG64.SYS [126192 2013-01-19] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130129.005\EX64.SYS [2087664 2013-01-19] (Symantec Corporation)
3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604000.009\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604000.009\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
0 SymDS; C:\Windows\System32\drivers\N360x64\0604000.009\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\N360x64\0604000.009\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-09-06] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604000.009\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-04-04 20:18 - 2013-04-04 20:18 - 00000000 ____D C:\ProgramData\Application Data\APN
2013-04-04 20:18 - 2013-04-04 20:18 - 00000000 ____D C:\ProgramData\APN
2013-04-04 19:39 - 2013-04-04 20:32 - 00017992 ____A C:\Windows\SysWOW64\LexFiles.ulf
2013-04-04 19:39 - 2013-04-04 19:39 - 00000379 ____A C:\lxcr.log
2013-04-04 19:39 - 2006-12-11 12:12 - 00566192 ____A ( ) C:\Windows\SysWOW64\lxcrcoms.exe
2013-04-04 19:39 - 2006-12-11 12:12 - 00233392 ____A ( ) C:\Windows\SysWOW64\lxcrih.exe
2013-04-04 19:39 - 2006-12-11 11:12 - 00181168 ____A ( ) C:\Windows\SysWOW64\lxcrppls.exe
2013-04-04 19:39 - 2006-12-11 11:08 - 00002365 ____A C:\Windows\SysWOW64\lxcr.loc
2013-04-04 19:39 - 2006-11-29 06:26 - 00091136 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrinsr.dll
2013-04-04 19:39 - 2006-11-29 06:26 - 00023040 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrcur.dll
2013-04-04 19:39 - 2006-11-29 06:24 - 00131584 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrjswr.dll
2013-04-04 19:39 - 2006-11-29 06:22 - 00184320 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrinsb.dll
2013-04-04 19:39 - 2006-11-29 06:22 - 00067584 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrcub.dll
2013-04-04 19:39 - 2006-11-29 06:21 - 00236032 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrins.dll
2013-04-04 19:39 - 2006-11-29 06:21 - 00097280 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrcu.dll
2013-04-04 19:39 - 2006-11-29 06:20 - 00654336 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxcrutil.dll
2013-04-04 19:39 - 2006-11-28 04:57 - 00385024 ____A () C:\Windows\SysWOW64\lxcrcomx.dll
2013-04-04 19:39 - 2006-11-06 18:56 - 00409600 ____A ( ) C:\Windows\SysWOW64\lxcrpmui.dll
2013-04-04 19:39 - 2006-11-06 18:53 - 01417728 ____A ( ) C:\Windows\SysWOW64\lxcrserv.dll
2013-04-04 19:39 - 2006-11-06 18:38 - 00249856 ____A ( ) C:\Windows\SysWOW64\lxcrcomm.dll
2013-04-04 19:39 - 2006-11-06 18:34 - 00487424 ____A ( ) C:\Windows\SysWOW64\lxcrlmpm.dll
2013-04-04 19:39 - 2006-11-06 18:31 - 00226816 ____A ( ) C:\Windows\SysWOW64\lxcriesc.dll
2013-04-04 19:39 - 2006-11-06 18:27 - 00010752 ____A ( ) C:\Windows\SysWOW64\lxcrpplc.dll
2013-04-04 19:39 - 2006-11-06 18:25 - 00695808 ____A ( ) C:\Windows\SysWOW64\lxcrcomc.dll
2013-04-04 19:39 - 2006-11-06 18:24 - 00035328 ____A ( ) C:\Windows\SysWOW64\lxcrprox.dll
2013-04-04 19:39 - 2006-11-06 18:14 - 00238592 ____A ( ) C:\Windows\SysWOW64\lxcrinpa.dll
2013-04-04 19:39 - 2006-11-06 18:12 - 01099264 ____A ( ) C:\Windows\SysWOW64\lxcrusb1.dll
2013-04-04 19:39 - 2006-11-06 16:25 - 00274432 ____A C:\Windows\SysWOW64\LXCRinst.dll
2013-04-04 19:39 - 2006-09-06 05:10 - 00077824 ____A (Lexmark International) C:\Windows\SysWOW64\LXCRcfg.dll
2013-04-04 19:39 - 2006-05-09 17:11 - 00983107 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lxcrgf.dll
2013-04-04 19:39 - 2006-02-07 18:47 - 00535647 ____A C:\Windows\SysWOW64\lxcrhelp.chm
2013-04-04 15:14 - 2013-04-04 15:14 - 00000000 ____D C:\Users\Alicia\Application Data\RealNetworks
2013-04-04 15:14 - 2013-04-04 15:14 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\RealNetworks
2013-03-26 13:57 - 2013-02-11 23:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-03-20 22:59 - 2013-03-20 22:59 - 00000102 ____A C:\qehjlhawlh
2013-03-20 22:59 - 2013-03-20 22:59 - 00000101 ____A C:\Windows\SysWOW64\nocfhjfaujf
2013-03-20 22:59 - 2013-03-20 22:59 - 00000100 ____A C:\Windows\plmadfhdashd
2013-03-20 22:56 - 2013-03-20 23:04 - 00000000 ____D C:\Users\Alicia\Application Data\PerformerSoft
2013-03-20 22:56 - 2013-03-20 23:04 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\PerformerSoft
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Local Settings\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\AppData\Local\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Program Files (x86)\appbario7
2013-03-20 22:56 - 2012-12-19 14:53 - 00019632 ____A (PerformerSoft LLC) C:\Windows\System32\roboot64.exe
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\Application Data\SearchProtect
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\Application Data\File Scout
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\SearchProtect
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\File Scout
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\ProgramData\Application Data\IBUpdaterService
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-03-20 22:46 - 2013-03-20 22:48 - 00000000 ____D C:\Users\Alicia\Easy Flyer Creator
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Local Settings\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\AppData\Local\Peridot_Technologies
2013-03-20 22:45 - 2013-03-20 22:46 - 00000000 ____D C:\Program Files (x86)\Easy Flyer Creator 3.0
2013-03-20 22:45 - 2013-03-20 22:45 - 00002607 ____A C:\Users\Public\Desktop\Easy Flyer Creator 3.0.lnk
2013-03-20 22:45 - 2013-03-20 22:45 - 00002607 ____A C:\ProgramData\Desktop\Easy Flyer Creator 3.0.lnk
2013-03-20 22:45 - 2013-03-20 22:45 - 00000000 ____D C:\ProgramData\Easy Flyer Creator
2013-03-20 22:45 - 2013-03-20 22:45 - 00000000 ____D C:\ProgramData\Application Data\Easy Flyer Creator
2013-03-14 02:05 - 2013-02-02 02:31 - 17815040 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-03-14 02:05 - 2013-02-02 01:58 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-03-14 02:05 - 2013-02-02 01:57 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-03-14 02:05 - 2013-02-02 01:48 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-03-14 02:05 - 2013-02-02 01:47 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-03-14 02:05 - 2013-02-02 01:47 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-03-14 02:05 - 2013-02-02 01:46 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-03-14 02:05 - 2013-02-02 01:43 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-03-14 02:05 - 2013-02-02 01:42 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-03-14 02:05 - 2013-02-02 01:42 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-03-14 02:05 - 2013-02-02 01:41 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-03-14 02:05 - 2013-02-02 01:40 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-03-14 02:05 - 2013-02-02 01:39 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-03-14 02:05 - 2013-02-02 01:38 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-03-14 02:05 - 2013-02-02 01:38 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-03-14 02:05 - 2013-02-02 01:34 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-03-14 02:05 - 2013-02-01 23:09 - 12321792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-03-14 02:05 - 2013-02-01 22:42 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-03-14 02:05 - 2013-02-01 22:38 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-03-14 02:05 - 2013-02-01 22:31 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-03-14 02:05 - 2013-02-01 22:30 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-03-14 02:05 - 2013-02-01 22:30 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-03-14 02:05 - 2013-02-01 22:29 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-03-14 02:05 - 2013-02-01 22:27 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-03-14 02:05 - 2013-02-01 22:26 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-03-14 02:05 - 2013-02-01 22:26 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-03-14 02:05 - 2013-02-01 22:26 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-03-14 02:05 - 2013-02-01 22:25 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-03-14 02:05 - 2013-02-01 22:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-03-14 02:05 - 2013-02-01 22:23 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-03-14 02:05 - 2013-02-01 22:23 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-03-14 02:05 - 2013-02-01 22:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-03-13 21:49 - 2013-03-13 21:49 - 00275392 ____A C:\Windows\Minidump\031313-37611-01.dmp
2013-03-13 02:01 - 2013-03-14 02:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-09 19:18 - 2013-03-09 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox


==================== One Month Modified Files and Folders =======

2013-04-05 21:37 - 2013-04-05 21:37 - 00000000 ____D C:\FRST
2013-04-05 20:29 - 2012-10-01 17:25 - 00000000 ___RD C:\Users\Alicia\Dropbox
2013-04-05 20:29 - 2012-10-01 17:12 - 00000000 ____D C:\Users\Alicia\Application Data\Dropbox
2013-04-05 20:29 - 2012-10-01 17:12 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\Dropbox
2013-04-05 20:29 - 2012-03-19 14:52 - 01200753 ____A C:\Windows\WindowsUpdate.log
2013-04-05 20:28 - 2012-11-29 21:45 - 00000932 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4146025234-3801914709-857404776-1001UA.job
2013-04-05 20:28 - 2012-11-29 21:45 - 00000910 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4146025234-3801914709-857404776-1001Core.job
2013-04-05 20:28 - 2012-09-06 04:05 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:47 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-04-05 20:28 - 2012-03-16 18:32 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-04-04 20:46 - 2009-07-13 23:45 - 00020928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-04-04 20:46 - 2009-07-13 23:45 - 00020928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-04-04 20:43 - 2009-07-14 00:13 - 00779788 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-04 20:39 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-04-04 20:39 - 2009-07-13 23:51 - 00065882 ____A C:\Windows\setupact.log
2013-04-04 20:32 - 2013-04-04 19:39 - 00017992 ____A C:\Windows\SysWOW64\LexFiles.ulf
2013-04-04 20:18 - 2013-04-04 20:18 - 00000000 ____D C:\ProgramData\Application Data\APN
2013-04-04 20:18 - 2013-04-04 20:18 - 00000000 ____D C:\ProgramData\APN
2013-04-04 20:13 - 2012-11-25 12:43 - 00000000 ____D C:\Users\Alicia\Local Settings\CrashDumps
2013-04-04 20:13 - 2012-11-25 12:43 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\CrashDumps
2013-04-04 20:13 - 2012-11-25 12:43 - 00000000 ____D C:\Users\Alicia\AppData\Local\CrashDumps
2013-04-04 20:01 - 2012-08-30 22:58 - 00000000 ____D C:\Users\Alicia\Application Data\Roxio
2013-04-04 20:01 - 2012-08-30 22:58 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\Roxio
2013-04-04 19:39 - 2013-04-04 19:39 - 00000379 ____A C:\lxcr.log
2013-04-04 15:14 - 2013-04-04 15:14 - 00000000 ____D C:\Users\Alicia\Application Data\RealNetworks
2013-04-04 15:14 - 2013-04-04 15:14 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\RealNetworks
2013-04-04 08:45 - 2013-01-30 14:24 - 00000000 ____A C:\END
2013-04-01 21:38 - 2012-08-30 13:07 - 00000000 ____D C:\Users\Alicia\Local Settings\Nero
2013-04-01 21:38 - 2012-08-30 13:07 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Nero
2013-04-01 21:38 - 2012-08-30 13:07 - 00000000 ____D C:\Users\Alicia\AppData\Local\Nero
2013-03-31 21:07 - 2012-10-01 17:25 - 00001025 ____A C:\Users\Alicia\Desktop\Dropbox.lnk
2013-03-21 15:39 - 2013-02-11 23:23 - 00000099 ____A C:\Users\Public\LMDebug.log
2013-03-21 13:16 - 2012-08-30 23:51 - 00000000 ____D C:\users\Alicia
2013-03-21 13:16 - 2009-07-13 23:45 - 00370832 ____A C:\Windows\System32\FNTCACHE.DAT
2013-03-21 02:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-03-20 23:04 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Application Data\PerformerSoft
2013-03-20 23:04 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\PerformerSoft
2013-03-20 23:01 - 2012-08-30 22:57 - 00000000 ____D C:\Users\Alicia\Local Settings\VirtualStore
2013-03-20 23:01 - 2012-08-30 22:57 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\VirtualStore
2013-03-20 23:01 - 2012-08-30 22:57 - 00000000 ____D C:\Users\Alicia\AppData\Local\VirtualStore
2013-03-20 22:59 - 2013-03-20 22:59 - 00000102 ____A C:\qehjlhawlh
2013-03-20 22:59 - 2013-03-20 22:59 - 00000101 ____A C:\Windows\SysWOW64\nocfhjfaujf
2013-03-20 22:59 - 2013-03-20 22:59 - 00000100 ____A C:\Windows\plmadfhdashd
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Local Settings\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Users\Alicia\AppData\Local\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-03-20 22:56 - 2013-03-20 22:56 - 00000000 ____D C:\Program Files (x86)\appbario7
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\Application Data\SearchProtect
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\Application Data\File Scout
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\SearchProtect
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\File Scout
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\ProgramData\Application Data\IBUpdaterService
2013-03-20 22:55 - 2013-03-20 22:55 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-03-20 22:48 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Easy Flyer Creator
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Local Settings\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\Local Settings\Application Data\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:46 - 00000000 ____D C:\Users\Alicia\AppData\Local\Peridot_Technologies
2013-03-20 22:46 - 2013-03-20 22:45 - 00000000 ____D C:\Program Files (x86)\Easy Flyer Creator 3.0
2013-03-20 22:46 - 2012-08-30 23:52 - 00092208 ____A C:\Users\Alicia\Local Settings\GDIPFONTCACHEV1.DAT
2013-03-20 22:46 - 2012-08-30 23:52 - 00092208 ____A C:\Users\Alicia\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-03-20 22:46 - 2012-08-30 23:52 - 00092208 ____A C:\Users\Alicia\AppData\Local\GDIPFONTCACHEV1.DAT
2013-03-20 22:45 - 2013-03-20 22:45 - 00002607 ____A C:\Users\Public\Desktop\Easy Flyer Creator 3.0.lnk
2013-03-20 22:45 - 2013-03-20 22:45 - 00002607 ____A C:\ProgramData\Desktop\Easy Flyer Creator 3.0.lnk
2013-03-20 22:45 - 2013-03-20 22:45 - 00000000 ____D C:\ProgramData\Easy Flyer Creator
2013-03-20 22:45 - 2013-03-20 22:45 - 00000000 ____D C:\ProgramData\Application Data\Easy Flyer Creator
2013-03-14 10:36 - 2013-02-14 12:53 - 00000000 ____D C:\Users\Alicia\My Documents\OneNote Notebooks
2013-03-14 10:36 - 2013-02-14 12:53 - 00000000 ____D C:\Users\Alicia\Documents\OneNote Notebooks
2013-03-14 10:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-03-14 02:41 - 2012-09-06 04:05 - 00693976 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-03-14 02:41 - 2012-03-16 17:24 - 00073432 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-03-14 02:07 - 2012-09-06 19:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-03-14 02:07 - 2012-09-06 19:09 - 00000000 ____D C:\ProgramData\Application Data\Microsoft Help
2013-03-14 02:02 - 2013-03-13 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-14 02:02 - 2012-03-16 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-03-13 22:28 - 2012-09-04 02:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-13 22:28 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-03-13 21:49 - 2013-03-13 21:49 - 00275392 ____A C:\Windows\Minidump\031313-37611-01.dmp
2013-03-13 21:49 - 2013-01-27 09:13 - 00000000 ____D C:\Windows\Minidump
2013-03-13 21:49 - 2013-01-27 00:09 - 284618046 ____A C:\Windows\MEMORY.DMP
2013-03-12 10:29 - 2012-09-08 19:51 - 00000000 ____D C:\Users\Alicia\Application Data\Skype
2013-03-12 10:29 - 2012-09-08 19:51 - 00000000 ____D C:\Users\Alicia\AppData\Roaming\Skype
2013-03-11 18:29 - 2013-03-03 18:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-03-09 19:18 - 2013-03-09 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-03-06 05:38 - 2011-06-11 02:58 - 00770384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-03-06 05:38 - 2011-06-11 02:58 - 00421200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-03-13 02:00:57
Restore point made on: 2013-03-14 02:01:39
Restore point made on: 2013-03-20 22:44:56
Restore point made on: 2013-03-20 23:06:44
Restore point made on: 2013-03-27 02:01:21
Restore point made on: 2013-04-04 21:14:17

==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 3692.02 MB
Available physical RAM: 2895.29 MB
Total Pagefile: 3690.22 MB
Available Pagefile: 2887.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:401.81 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:14.65 GB) (Free:5.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: () (Removable) (Total:3.73 GB) (Free:3.52 GB) NTFS
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 3819 MB 0 B

Partitions of Disk 0:
===============

Disk ID: FCBEF42E

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 100 MB 1024 KB
Partition 2 Primary 14 GB 101 MB
Partition 3 Primary 451 GB 14 GB

==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 DELLUTILITY FAT Partition 100 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D Recovery NTFS Partition 14 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 451 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Disk ID: 1DAF635D

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3819 MB 31 KB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F NTFS Removable 3819 MB Healthy

=========================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: FCBEF42E

Partition 1:
=========
Hex: 00202100DEDF130C0008000000200300
Active: NO
Type: DE
Size: 100 MB

Partition 2:
=========
Hex: 80DF140C07FEFFFF0028030000C0D401
Active: YES
Type: 07 (NTFS)
Size: 15 GB

Partition 3:
=========
Hex: 00FEFFFF07FEFFFF00E8D70130706038
Active: NO
Type: 07 (NTFS)
Size: 451 GB

==============================
Partitions of Disk 1:
===============
Disk ID: 1DAF635D

Partition 1:
=========
Hex: 8001010007FE7FE53F000000C15A7700
Active: YES
Type: 07 (NTFS)
Size: 4 GB


Last Boot: 2013-04-04 21:07

==================== End Of Log =============================
  • 0

#5
alicia63

alicia63

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
I found another topic where you wanted them to run a scan with OTL. I did this and here is the OTL file

OTL logfile created on: 4/6/2013 12:11:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alicia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.61 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 62.54% Memory free
7.21 Gb Paging File | 5.55 Gb Available in Paging File | 76.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 401.82 Gb Free Space | 89.09% Space Free | Partition Type: NTFS

Computer Name: ALICIA-PC | User Name: Alicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/06 12:08:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alicia\Desktop\OTL.exe
PRC - [2013/03/12 03:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Alicia\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/29 22:45:29 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Alicia\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012/11/22 09:53:01 | 001,681,472 | ---- | M] (Bandoo Media Inc) -- C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe
PRC - [2012/09/11 11:29:17 | 000,175,968 | ---- | M] (Impulse Point, LLC) -- C:\Program Files (x86)\SafeConnect\scManager.sys
PRC - [2012/08/21 15:48:28 | 003,110,808 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
PRC - [2012/06/15 22:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccsvchst.exe
PRC - [2011/12/31 18:04:38 | 000,150,312 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
PRC - [2011/11/25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/06 13:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 11:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 13:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/06/29 09:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011/06/27 20:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011/05/12 17:59:00 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/13 11:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/17 04:44:14 | 000,240,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll
MOD - [2013/02/17 04:36:42 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/02/17 04:36:27 | 001,658,368 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\eea7ca5afefdfb4ffc81143d425cee9a\PresentationUI.ni.dll
MOD - [2013/02/17 04:36:20 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/02/17 04:36:05 | 001,806,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\4976e150a5d096db3981d4d56dda5a8e\System.Deployment.ni.dll
MOD - [2013/01/14 23:22:47 | 000,401,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll
MOD - [2013/01/14 23:22:35 | 009,922,560 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\04be51ee3cc47fbd5cbdc8761879a145\System.Data.Entity.ni.dll
MOD - [2013/01/14 23:20:15 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013/01/14 23:20:06 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/13 06:03:17 | 002,347,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013/01/13 05:50:54 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/13 05:50:08 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/13 05:50:06 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll
MOD - [2013/01/13 05:50:04 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll
MOD - [2013/01/13 05:49:57 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013/01/13 05:49:45 | 001,117,184 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\abf5f0f6b5d995fb86b0529ac85e14ed\System.DirectoryServices.ni.dll
MOD - [2013/01/13 05:49:43 | 001,044,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\dac9bb4d4745a4227e7ed701498a9469\System.Printing.ni.dll
MOD - [2013/01/13 05:49:41 | 002,157,056 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\284f81850cf194b71156025b06e74e06\ReachFramework.ni.dll
MOD - [2013/01/13 05:49:32 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/13 05:49:01 | 000,039,424 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\2f32b665b25e874e0222f7be18b0161f\PresentationCFFRasterizer.ni.dll
MOD - [2013/01/13 05:48:44 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/13 05:48:40 | 000,185,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a7424b1be331f4b534ea24e0c21dbe47\UIAutomationTypes.ni.dll
MOD - [2013/01/13 05:48:40 | 000,060,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\23da92e38ffc0bbf6673adb1892aa0f4\UIAutomationProvider.ni.dll
MOD - [2013/01/13 05:48:40 | 000,025,600 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/13 05:48:39 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/13 05:48:16 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/13 05:48:11 | 000,684,032 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\3abd733e8fa28fafbfc99458fdf691da\System.Security.ni.dll
MOD - [2013/01/13 05:48:05 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/13 05:47:56 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/13 05:47:55 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/13 05:47:45 | 000,015,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\9d2a9fc04e660079633eb74b37a1d77c\Microsoft.VisualC.ni.dll
MOD - [2013/01/13 05:47:39 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011/12/31 18:04:40 | 000,891,688 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll
MOD - [2011/12/31 18:04:32 | 000,026,408 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\AdbDetect.dll
MOD - [2011/12/31 18:04:28 | 000,251,688 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
MOD - [2011/08/18 11:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/06/29 09:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011/06/27 20:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011/06/27 20:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011/06/25 00:21:46 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
MOD - [2011/06/25 00:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2010/11/24 23:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/20 23:24:08 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010/03/22 16:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010/03/16 21:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010/03/16 21:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010/03/16 21:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010/03/11 20:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010/03/11 20:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010/03/05 16:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010/03/05 16:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
MOD - [2009/06/10 17:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/12/19 16:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/12/19 15:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/27 15:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/01 14:13:46 | 001,054,888 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dleacoms.exe -- (dlea_device)
SRV:64bit: - [2009/03/03 06:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/03/14 03:41:33 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/09 20:18:40 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/11 11:29:17 | 000,175,968 | ---- | M] (Impulse Point, LLC) [Auto | Running] -- C:\Program Files (x86)\SafeConnect\scManager.sys -- (SCManager)
SRV - [2012/07/13 14:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/15 22:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe -- (N360)
SRV - [2011/11/25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/10/26 09:58:10 | 000,162,816 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/06/07 13:25:12 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/05/12 17:59:00 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/11/25 06:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/25 21:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/11 13:12:22 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxcrcoms.exe -- (lxcr_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/19 16:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 15:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 07:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/09/06 20:01:23 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/09/04 01:50:20 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020200}_0)
DRV:64bit: - [2012/07/05 22:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 22:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/07 00:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/05/21 21:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/03/16 18:43:40 | 004,719,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/10 04:10:04 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2011/11/16 23:38:00 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/11/16 23:17:50 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/16 02:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011/06/16 18:08:26 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/06/16 18:08:24 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/05/27 15:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/05/17 02:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/31 23:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/20 12:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/12/16 02:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/29 20:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2013/01/19 11:24:27 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130129.005\ex64.sys -- (NAVEX15)
DRV - [2013/01/19 11:24:27 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130129.005\eng64.sys -- (NAVENG)
DRV - [2013/01/15 22:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130116.013\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/01/04 18:26:54 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130126.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012/09/06 20:22:57 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {6926c7f7-6006-42d1-b046-eba1b3010315} - C:\Program Files (x86)\appbario7\prxtbappb.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...54-584E7DE30C4B
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\URLSearchHook: {6926c7f7-6006-42d1-b046-eba1b3010315} - C:\Program Files (x86)\appbario7\prxtbappb.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0007ce9d3aa6f16
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa-v/search/redirect/?type=default&user_id=3099b29a-2cb1-43ed-bcdf-885b91144a84&query={searchTerms}
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT3227981.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultthis.engineName: "appbario7 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "appbario7 Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://search.condui...4-584E7DE30C4B"
FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B6926c7f7-6006-42d1-b046-eba1b3010315%7D:10.15.0.562
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "http://search.condui...2517910&UM=&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Alicia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2013/03/01 19:52:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2013/03/01 19:52:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/03/01 19:52:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/20 23:56:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/20 23:56:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/11/25 04:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alicia\AppData\Roaming\Mozilla\Extensions
[2013/03/21 19:31:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions
[2013/03/21 19:31:46 | 000,000,000 | ---D | M] (appbario7) -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}
[2012/11/25 04:08:55 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
[2013/03/20 23:55:46 | 000,000,995 | ---- | M] () -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\searchplugins\conduit.xml
[2012/11/25 04:08:39 | 000,002,687 | ---- | M] () -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\searchplugins\Search_Results.xml
[2013/03/09 20:18:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/09 20:18:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/11/25 04:09:01 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2013/03/09 20:18:41 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/03 19:56:00 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/25 04:08:39 | 000,002,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2013/03/03 19:56:00 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media Inc)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (appbario7 Toolbar) - {6926c7f7-6006-42d1-b046-eba1b3010315} - C:\Program Files (x86)\appbario7\prxtbappb.dll (Conduit Ltd.)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Search-Results Toolbar) - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (appbario7 Toolbar) - {6926c7f7-6006-42d1-b046-eba1b3010315} - C:\Program Files (x86)\appbario7\prxtbappb.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe (Bandoo Media Inc)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\ezprint.exe" File not found
O4 - HKLM..\Run: [lxcrmon.exe] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe" File not found
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4146025234-3801914709-857404776-1001..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" File not found
O4 - HKU\S-1-5-21-4146025234-3801914709-857404776-1001..\Run: [Facebook Update] C:\Users\Alicia\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Alicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Alicia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5439173D-549B-4585-934D-351BCE055891}: DhcpNameServer = 65.32.5.111 65.32.5.112
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngr.dll (Bandoo Media Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\IEBHO.dll (Bandoo Media Inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/04/06 12:08:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alicia\Desktop\OTL.exe
[2013/04/05 22:37:14 | 000,000,000 | ---D | C] -- C:\FRST
[2013/04/04 21:30:26 | 000,000,000 | ---D | C] -- C:\drivers
[2013/04/04 21:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/04/04 20:39:41 | 000,077,824 | ---- | C] (Lexmark International) -- C:\windows\SysWow64\LXCRcfg.dll
[2013/04/04 20:39:40 | 000,654,336 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysWow64\lxcrutil.dll
[2013/04/04 20:39:39 | 000,983,107 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\lxcrgf.dll
[2013/04/04 20:39:39 | 000,236,032 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysWow64\lxcrins.dll
[2013/04/04 20:39:39 | 000,184,320 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysWow64\lxcrinsb.dll
[2013/04/04 20:39:39 | 000,131,584 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysWow64\lxcrjswr.dll
[2013/04/04 20:39:39 | 000,097,280 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysWow64\lxcrcu.dll
[2013/04/04 20:39:39 | 000,091,136 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysWow64\lxcrinsr.dll
[2013/04/04 20:39:39 | 000,067,584 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysWow64\lxcrcub.dll
[2013/04/04 20:39:39 | 000,023,040 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysWow64\lxcrcur.dll
[2013/04/04 16:14:43 | 000,000,000 | ---D | C] -- C:\Users\Alicia\AppData\Roaming\RealNetworks
[2013/03/26 14:57:38 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2013/03/20 23:56:48 | 000,000,000 | ---D | C] -- C:\Users\Alicia\AppData\Roaming\PerformerSoft
[2013/03/20 23:56:46 | 000,019,632 | ---- | C] (PerformerSoft LLC) -- C:\windows\SysNative\roboot64.exe
[2013/03/20 23:56:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\appbario7
[2013/03/20 23:46:58 | 000,000,000 | ---D | C] -- C:\Users\Alicia\AppData\Local\Peridot_Technologies
[2013/03/20 23:46:57 | 000,000,000 | ---D | C] -- C:\Users\Alicia\Easy Flyer Creator
[2013/03/20 23:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Flyer Creator 3.0
[2013/03/20 23:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy Flyer Creator 3.0
[2013/03/20 23:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Easy Flyer Creator
[2013/03/14 03:05:36 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/03/14 03:05:36 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/03/14 03:05:35 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/03/14 03:05:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/03/14 03:05:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/03/14 03:05:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/03/14 03:05:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/03/14 03:05:34 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/03/14 03:05:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/03/14 03:05:33 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/03/14 03:05:33 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/03/14 03:05:33 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/03/14 03:05:31 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/03/14 03:05:31 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/03/14 03:05:30 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/03/14 03:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 03:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/09 20:18:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/06 12:08:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alicia\Desktop\OTL.exe
[2013/04/06 12:08:13 | 000,779,788 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/04/06 12:08:13 | 000,660,770 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/04/06 12:08:13 | 000,121,408 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/04/06 12:06:04 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/04/06 11:50:00 | 000,000,932 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4146025234-3801914709-857404776-1001UA.job
[2013/04/06 11:41:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/04/06 11:31:01 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/06 11:31:01 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/06 11:23:13 | 2903,519,232 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/05 21:47:49 | 265,979,894 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/04/05 21:28:27 | 000,000,910 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4146025234-3801914709-857404776-1001Core.job
[2013/04/04 21:32:16 | 000,017,992 | ---- | M] () -- C:\windows\SysWow64\LexFiles.ulf
[2013/04/04 09:45:36 | 000,000,000 | ---- | M] () -- C:\END
[2013/03/31 22:07:32 | 000,001,055 | ---- | M] () -- C:\Users\Alicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/03/31 22:07:19 | 000,001,025 | ---- | M] () -- C:\Users\Alicia\Desktop\Dropbox.lnk
[2013/03/21 14:16:21 | 000,370,832 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/03/20 23:45:56 | 000,002,607 | ---- | M] () -- C:\Users\Public\Desktop\Easy Flyer Creator 3.0.lnk
[2013/03/14 03:41:33 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/03/14 03:41:33 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/04 20:39:43 | 000,385,024 | ---- | C] () -- C:\windows\SysWow64\lxcrcomx.dll
[2013/04/04 20:39:43 | 000,274,432 | ---- | C] () -- C:\windows\SysWow64\LXCRinst.dll
[2013/04/04 20:39:41 | 000,181,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrppls.exe
[2013/04/04 20:39:40 | 000,238,592 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrinpa.dll
[2013/04/04 20:39:40 | 000,226,816 | ---- | C] ( ) -- C:\windows\SysWow64\lxcriesc.dll
[2013/04/04 20:39:39 | 001,417,728 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrserv.dll
[2013/04/04 20:39:39 | 001,099,264 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrusb1.dll
[2013/04/04 20:39:39 | 000,695,808 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrcomc.dll
[2013/04/04 20:39:39 | 000,566,192 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrcoms.exe
[2013/04/04 20:39:39 | 000,535,647 | ---- | C] () -- C:\windows\SysWow64\lxcrhelp.chm
[2013/04/04 20:39:39 | 000,487,424 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrlmpm.dll
[2013/04/04 20:39:39 | 000,409,600 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrpmui.dll
[2013/04/04 20:39:39 | 000,249,856 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrcomm.dll
[2013/04/04 20:39:39 | 000,233,392 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrih.exe
[2013/04/04 20:39:39 | 000,035,328 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrprox.dll
[2013/04/04 20:39:39 | 000,017,992 | ---- | C] () -- C:\windows\SysWow64\LexFiles.ulf
[2013/04/04 20:39:39 | 000,010,752 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrpplc.dll
[2013/04/04 20:39:39 | 000,002,365 | ---- | C] () -- C:\windows\SysWow64\lxcr.loc
[2013/03/20 23:45:56 | 000,002,607 | ---- | C] () -- C:\Users\Public\Desktop\Easy Flyer Creator 3.0.lnk
[2012/12/19 15:52:22 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/12/19 15:52:22 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2012/03/16 18:42:00 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/03/16 18:31:30 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2012/02/26 08:02:17 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2012/02/26 08:02:12 | 000,000,325 | ---- | C] () -- C:\windows\Prelaunch.ini
[2012/02/26 08:02:12 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2012/02/26 08:02:12 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2012/02/26 08:02:12 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2012/02/26 08:02:12 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2012/02/26 08:02:12 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2012/02/26 08:02:12 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2012/02/26 06:54:12 | 000,774,004 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 21:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010/11/20 23:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 21:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 23:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 18:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/06/02 01:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/06/02 00:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 23:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 23:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 21:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 21:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 23:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 21:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 21:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 21:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 13:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 07:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 02:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 21:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 23:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 23:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 23:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 23:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 23:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 23:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 23:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 23:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 01:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 23:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 23:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 23:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 23:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 23:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 23:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 23:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 18:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 23:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 23:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 23:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 23:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 17:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2012/12/18 10:28:54 | 000,002,637 | ---- | M] () MD5=016DFC4F3F133AE19338EECD1924886A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2012/12/18 10:28:56 | 000,002,970 | ---- | M] () MD5=05A68D76420994EF8DF33184BFA98E04 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2012/12/18 10:28:44 | 000,002,555 | ---- | M] () MD5=272301585AC133486E70228DA27659AC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2012/12/18 10:28:38 | 000,002,562 | ---- | M] () MD5=27CE9BD3209B549BB776B8C877455A91 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2012/12/18 10:28:42 | 000,002,632 | ---- | M] () MD5=2998A4AE8D0EF5122CCB985CF7E9D9D3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2012/12/18 10:28:42 | 000,002,545 | ---- | M] () MD5=2EEC9DDBD0B4EE5F65532322C383938A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2012/12/18 10:28:46 | 000,002,629 | ---- | M] () MD5=3A0082D76426A87FB4937D426C491C10 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2012/12/18 10:28:50 | 000,002,590 | ---- | M] () MD5=448953BD0CF26CE03D9E7CC1A7B278BC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx
[2012/12/18 10:28:28 | 000,002,605 | ---- | M] () MD5=5A2C5D0DA3EAAB2AA77F16947D0E14FF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2012/12/18 10:28:48 | 000,002,679 | ---- | M] () MD5=5DD2704563A6A79C466E44CD966B2655 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2012/12/18 10:28:28 | 000,002,711 | ---- | M] () MD5=6B0E7B068BD530B8FCEBC04CC8844AA9 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2012/12/18 10:28:52 | 000,002,582 | ---- | M] () MD5=797FC263D59784AD1498560C34FA7DA1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2012/12/18 10:28:24 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2012/12/18 10:28:40 | 000,002,634 | ---- | M] () MD5=912DD5C0C7C8D7572AD598414D56E24A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2012/12/18 10:28:26 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2012/12/18 10:28:58 | 000,002,638 | ---- | M] () MD5=C2C37202B0E55877A64ADDBDE738284E -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2012/12/18 10:28:46 | 000,002,589 | ---- | M] () MD5=C313AD3602D4965A1918E86B9F3E84CF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2012/12/18 10:28:58 | 000,002,609 | ---- | M] () MD5=C7FA88C21103C70826F274A0E865AEDF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2012/12/18 10:29:00 | 000,002,576 | ---- | M] () MD5=D27D52045EB6A2EE031F7D2EA0349BC3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2012/12/18 10:28:34 | 000,002,560 | ---- | M] () MD5=D5642B1BFE0A70231D14C11D3D3FD60D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2012/12/18 10:28:50 | 000,002,588 | ---- | M] () MD5=DB216743CDE75637621E2FD39431BBD4 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2012/12/18 10:28:30 | 000,002,620 | ---- | M] () MD5=DCF7A8843832327386B81ABD189AC236 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2012/12/18 10:28:50 | 000,002,997 | ---- | M] () MD5=DD3F4DAF426555D8D85FF4D7C5A04F37 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/15 22:02:32 | 000,000,228 | R--- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx
[2012/12/18 10:28:36 | 000,002,599 | ---- | M] () MD5=F09D769A94767C3C7E7015A5C6C99A39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2012/12/18 10:28:34 | 000,002,628 | ---- | M] () MD5=F844D742DB53C7D671BF7ED6517414D1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2012/12/18 10:28:32 | 000,002,582 | ---- | M] () MD5=FED4BDA3B6A9EB9DB59C254D8C987495 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx

< MD5 for: SERVICES.ASFX1 >
[2010/11/15 22:02:32 | 000,000,228 | R--- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx1

< MD5 for: SERVICES.ASFX10 >
[2010/11/15 22:02:34 | 000,000,233 | R--- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx10

< MD5 for: SERVICES.ASFX11 >
[2010/11/15 22:02:26 | 000,000,227 | R--- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx11

< MD5 for: SERVICES.ASFX12 >
[2010/11/15 22:02:30 | 000,000,225 | R--- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx12

< MD5 for: SERVICES.ASFX13 >
[2010/11/15 22:02:30 | 000,000,228 | R--- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx13

< MD5 for: SERVICES.ASFX14 >
[2010/11/15 22:02:26 | 000,000,228 | R--- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx14

< MD5 for: SERVICES.ASFX15 >
[2010/11/15 22:02:26 | 000,000,231 | R--- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx15

< MD5 for: SERVICES.ASFX16 >
[2010/11/15 22:02:34 | 000,000,232 | R--- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx16

< MD5 for: SERVICES.ASFX17 >
[2010/11/15 22:02:34 | 000,000,230 | R--- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx17

< MD5 for: SERVICES.ASFX18 >
[2010/11/15 22:02:24 | 000,000,230 | R--- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx18

< MD5 for: SERVICES.ASFX19 >
[2010/11/15 22:02:26 | 000,000,225 | R--- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx19

< MD5 for: SERVICES.ASFX2 >
[2010/11/15 22:02:36 | 000,000,264 | R--- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx2

< MD5 for: SERVICES.ASFX20 >
[2010/11/15 22:02:38 | 000,000,231 | R--- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx20

< MD5 for: SERVICES.ASFX21 >
[2010/11/15 22:02:26 | 000,000,231 | R--- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx21

< MD5 for: SERVICES.ASFX22 >
[2010/11/15 22:02:24 | 000,000,231 | R--- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx22

< MD5 for: SERVICES.ASFX23 >
[2010/11/15 22:02:26 | 000,000,225 | R--- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx23

< MD5 for: SERVICES.ASFX24 >
[2010/11/15 22:02:32 | 000,000,229 | R--- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx24

< MD5 for: SERVICES.ASFX25 >
[2010/11/15 22:02:36 | 000,000,232 | R--- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx25

< MD5 for: SERVICES.ASFX3 >
[2010/11/15 22:02:34 | 000,000,229 | R--- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx3

< MD5 for: SERVICES.ASFX4 >
[2010/11/15 22:02:26 | 000,000,226 | R--- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx4

< MD5 for: SERVICES.ASFX5 >
[2010/11/15 22:02:34 | 000,000,233 | R--- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx5

< MD5 for: SERVICES.ASFX6 >
[2010/11/15 22:02:36 | 000,000,231 | R--- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx6

< MD5 for: SERVICES.ASFX7 >
[2010/11/15 22:02:34 | 000,000,245 | R--- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx7

< MD5 for: SERVICES.ASFX8 >
[2010/11/15 22:02:34 | 000,000,231 | R--- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx8

< MD5 for: SERVICES.ASFX9 >
[2010/11/15 22:02:30 | 000,000,234 | R--- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx9

< MD5 for: SERVICES.CFG >
[2012/12/18 10:28:18 | 000,558,791 | ---- | M] () MD5=A9983CC532F9B3FB1E87918D2313731D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2010/11/15 22:02:22 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\windows\SysNative\en-US\services.exe.mui
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\windows\SysNative\wbem\services.mof
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\en-US\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PNG >
[2012/09/04 01:52:26 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files\Dell Support Center\Images\icons\png\24_24\services.png

< MD5 for: SERVICES.PTXML >
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >
  • 0

#6
alicia63

alicia63

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Here is the Extras file

OTL Extras logfile created on: 4/6/2013 12:11:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alicia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.61 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 62.54% Memory free
7.21 Gb Paging File | 5.55 Gb Available in Paging File | 76.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 401.82 Gb Free Space | 89.09% Space Free | Partition Type: NTFS

Computer Name: ALICIA-PC | User Name: Alicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4146025234-3801914709-857404776-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Alicia\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Alicia\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041B8DD5-6BC5-44A7-BDA4-448CC43EFF48}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0F9AB8E4-698E-430F-B74F-4B3B9D758D83}" = lport=137 | protocol=17 | dir=in | app=system |
"{19A081C2-1959-4FA7-B3C1-4B0ACBD4D492}" = lport=445 | protocol=6 | dir=in | app=system |
"{2191A861-BAB1-4FCE-AF33-BDBC32F56F3E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3A7D3300-F721-4E84-B69B-337298B8FD95}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3AF05087-2013-4660-8FEB-E8A70EA011E4}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |
"{3FBB2200-3F41-4AB9-BA48-C7250BF41615}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{437220B2-92B4-488D-B71C-C79AE9C4EC12}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |
"{48E185E4-984B-4E8B-9303-371358297419}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F199454-1B85-40D0-A4E6-6871A9864C2D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6B4FACBA-71CB-44E6-8127-D2205EF528F2}" = rport=137 | protocol=17 | dir=out | app=system |
"{76629D69-D2C9-4278-95A7-25815A763AEE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{78CE6F19-AC19-4A8A-BC15-9F4A7B628BE2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{83B7C9E9-6570-405A-AFAC-A5EACBCE0508}" = lport=138 | protocol=17 | dir=in | app=system |
"{8F42ABB5-A91D-4800-982C-EC4BCCD3A342}" = rport=139 | protocol=6 | dir=out | app=system |
"{9055794B-5C3D-4429-95C8-E7C2B7B8E316}" = lport=2869 | protocol=6 | dir=in | app=system |
"{997280A6-0E35-4C36-9407-D7B34B9F6EA1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1D92DAC-BE22-4AC7-ACAC-784D14A7AC17}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A4B03561-4E8E-47D8-B346-6BA75D7A06F4}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |
"{ADE05FAF-A97A-4381-8302-C64EAB548793}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AFAE74A2-9957-4EA6-8FD0-1B70FAA3C8F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4ADA880-D6F1-489E-A08A-2C8A46EB71D5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C5A403A5-5497-4594-90C7-FCBC24700079}" = rport=445 | protocol=6 | dir=out | app=system |
"{D4D2935F-5E68-4A61-B103-098478F321E7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E01DA2BE-B259-4209-93DE-6B2051F768D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{E2BDB99A-D9BB-4007-A1B2-324CD7F90BC1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ECADD4D5-460A-4CB4-B879-B9F7AF3F11A7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EDA2D252-45E9-4C78-BFFE-86884B208B76}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |
"{FFB6A1D4-756E-4F34-911E-971B214E3C5E}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05CCF7EA-3C79-4078-9EC8-126492A371C5}" = protocol=6 | dir=in | app=c:\program files (x86) (x86)\lexmark 2400 series\lxcraiox.exe |
"{0CB76CD7-4988-4125-A167-7007D1AA8E91}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0EDACC19-527D-499C-BC55-C8DBFBC60872}" = dir=in | app=c:\users\alicia\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{0F62007B-79CF-4C6C-815F-3634FBC7A8EE}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |
"{18EDE64F-F4A5-4AA6-B586-64E0DCF50407}" = protocol=6 | dir=in | app=c:\users\alicia\appdata\roaming\dropbox\bin\dropbox.exe |
"{1928E2BE-F0CA-4457-BA86-F887DCA1997C}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{20C1CE96-1F94-414A-A098-DD870EB1E65F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2114D8E5-3017-4196-B409-FCE6F6BCD28C}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{225769E7-4FD1-457E-8415-28696B1E4727}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24924752-AACB-478D-A6D7-E76C3B48BC82}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{2E9496E0-2835-4D83-9138-EFA543A0CD8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2E992147-7143-42C1-A951-B0A53CA4DC74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{33498BCB-DE24-4816-AA4F-A6350179CED9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{4314E2EC-4C10-4913-99EF-F77E50AB2042}" = protocol=17 | dir=in | app=c:\program files (x86) (x86)\lexmark 2400 series\lxcrmon.exe |
"{4FA47844-3004-4076-812C-BD09FAECC28F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5155CBF3-006F-4D1F-9908-55D8E4744620}" = protocol=1 | dir=out | [email protected],-28544 |
"{557BCB47-10F5-42D8-A645-58BFC2457696}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{611316DB-0364-40D5-A88E-08DD6D6168F0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{61D822E2-D412-49CD-8AB8-4FC3F4B6F072}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{6A62BC68-86EB-45A3-9958-2E95532CF4D1}" = protocol=17 | dir=in | app=c:\program files (x86) (x86)\lexmark 2400 series\lxcraiox.exe |
"{6CDEF4AE-D39C-4723-A491-6755F6F9E2CF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{70B04FEF-349E-444C-BE48-54DEB9F4C47A}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{71D2FE6D-A755-48EB-A0F2-7BE510E60C24}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{79ACEF92-B514-4007-8B08-EAAC735EBDD1}" = dir=in | app=c:\windows\system32\dleacoms.exe |
"{7A27D0F4-326A-4819-94DC-A0D912E0D3BF}" = protocol=6 | dir=in | app=c:\program files (x86) (x86)\lexmark 2400 series\lxcrmon.exe |
"{7EA0A212-CE31-4FB8-81C6-F480C55F4AEC}" = protocol=58 | dir=in | [email protected],-28545 |
"{85F675C1-093E-4C28-AAB6-201014E6FC5B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{89069800-6F90-4F41-B6C8-8628A805A556}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A673BB7-C70C-4550-A58F-82646EA902F1}" = protocol=1 | dir=in | [email protected],-28543 |
"{8B4F0914-D46D-45B5-9CA5-FE82F921F234}" = dir=in | app=c:\users\alicia\appdata\local\torch\plugins\torrent\torchtorrent.exe |
"{8CF7963E-248E-49B7-9852-12FD657CE2EE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9019255E-748E-499B-A0AE-BCA847EEA00B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94478C0C-8A2C-43D8-87B7-DD92E9780D8C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9DD3448D-C400-4D89-8E26-A3E06D8B09B0}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{A41CD9A5-DF92-4A0A-91BD-6A715D2F8516}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nero\bdcore\nero blu-ray player\blu-rayplayer.exe |
"{A55412F2-1389-401B-BE68-CC32210276E8}" = protocol=6 | dir=out | app=system |
"{A64AFDF0-A822-4C97-AE41-76952F36471D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B112B3FF-8253-408D-B67D-04A42424071F}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{B97D966A-CFCE-4BFA-AD6A-B35F1DA2ED29}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
"{BA2CF4E9-E510-4B06-8C2A-8BE950AC59AF}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{BA3231BA-F9C5-4AB6-8966-C5AF4AEF7EFB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C38B640A-C1A0-4736-A0E7-DD3FF76ADE22}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nero\bdcore\nero blu-ray player\blu-rayplayer.exe |
"{C8BF87A9-2013-4B00-AAC4-8B830D2E4B31}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DBA92E0D-E7B1-451C-B1F6-3BF5CBE3F58F}" = protocol=17 | dir=in | app=c:\users\alicia\appdata\roaming\dropbox\bin\dropbox.exe |
"{DE7C1980-448D-40C7-B546-F417A7911F33}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{E1C6AF86-26FF-4DAB-83DF-D0B5AF68D171}" = protocol=58 | dir=out | [email protected],-28546 |
"{E7CA05CD-BF80-4C59-A2A8-C21E06B5C617}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
"{EB0CB568-13CD-4189-840C-CC5345F26B62}" = protocol=6 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{EB361A9D-24D9-4873-8AA0-A665EB828C39}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{EDAC6850-F58E-4C07-B42F-48F56600CF3C}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{EE3FDF5F-96CB-434E-8FD6-DC9C1FCF5E61}" = protocol=17 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{EEDC47E9-AF64-42E8-A0D9-63B293027591}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F3A93DCE-EB89-4400-953A-D9ED1DAC1FD5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F608933B-DE96-46CF-B79D-39A981FF54D1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"TCP Query User{9A8AD9A2-8B0A-4B3F-8789-C004B2689CD6}C:\users\alicia\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\alicia\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{07071858-8CEF-4751-A2D4-29C2FC946555}C:\users\alicia\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\alicia\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0838B70E-B35E-AC61-EF41-3E9472AD6C41}" = AMD Drag and Drop Transcoding
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2029C99D-3DF5-1AE1-ECE6-C512AA2EDA04}" = AMD Fuel
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java™ 7 Update 1 (64-bit)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A29BC26-68EB-EE27-0775-C6A5D9880FB8}" = ATI AVIVO64 Codecs
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E7D00D0-255E-F084-28A3-400DCD5EF8A7}" = ccc-utility64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F37A899E-1745-52F5-658F-9A4DA4D46BB7}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F800CF18-6470-D909-B460-73F2F41030B4}" = AMD Accelerated Video Transcoding
"{F9434B34-EDCA-DF34-FD55-8D66DF8DBECF}" = AMD Media Foundation Decoders
"DW WLAN Card" = DW WLAN Card
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = Dell Support Center

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C91919D-0386-C260-0822-7A01C5BCD58A}" = CCC Help Greek
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F99CA59-7CB4-4167-A43A-4B1D5E584281}" = Dell Stage
"{143593DA-4632-50AE-A6D9-7676695B33C8}" = CCC Help Finnish
"{16584456-9AD2-3FA4-C8B5-B2EE2D856E6C}" = Catalyst Control Center Localization All
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java™ 7 Update 1
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{33365E1D-B501-AA04-F802-88BF0A4DB9F7}" = CCC Help French
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3BD7DD08-991B-4A2F-A165-614ED14EAADD}" = Dell MusicStage
"{400182B4-CA55-46A9-9D88-F8413DCFB36D}" = Blio
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{43C5AF90-0558-590E-30A3-7A8FEEA4B45B}" = Catalyst Control Center Graphics Previews Common
"{441B922B-E0AC-F7BB-E577-095E3E3B8D03}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5C03C49F-662A-B4EF-E5EC-1C1FFFDD6578}" = CCC Help Norwegian
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69ABD76E-52E6-E809-9E6B-B6E194DF6E30}" = CCC Help Portuguese
"{6C84C3D8-F2E1-EF85-34E2-EFD8C583A414}" = CCC Help Swedish
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7DA5255C-EE35-848E-4482-407BB876BD15}" = CCC Help Russian
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{831C840A-8331-E269-24EE-52A3EDEC8830}" = CCC Help Chinese Traditional
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF92104-2955-867B-E374-63FA2AB55CC4}" = CCC Help Korean
"{9BC10B90-1592-3C5A-BBA7-BACDA0B52405}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A71AF1EF-6C46-DC9A-84C0-0DADE7F3BEEE}" = CCC Help Hungarian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7527D8A-4C50-9D56-CB37-922E1EC96B82}" = CCC Help Thai
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.6) MUI
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}" = Dell Digital Delivery
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B07CB2BA-819B-41C5-BBE0-484A4C23972E}" = Easy Flyer Creator 3.0
"{B7416D0F-8282-468A-5C3D-CA5713B6F4C0}" = AMD VISION Engine Control Center
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD21728C-22C5-2D69-2F52-C4437E8FF02E}" = Catalyst Control Center InstallProxy
"{C0E5147E-C9F3-4360-9ED0-2E875F11766C}" = Respondus LockDown Browser
"{C28D96C0-6A90-459E-A077-A6706F4EC0FC}" = Bing Bar
"{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA311B78-954E-44BC-913F-B5B8B74A786B}" = CCC Help German
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E0184F33-58CA-A249-0D1B-F23F9206410D}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E28884AE-E40E-2F71-9511-8CC8C071147F}" = CCC Help Chinese Standard
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3DB1759-C652-E0E3-5B88-76286BF9B6D0}" = CCC Help Dutch
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4F26D72-E0BA-33B5-E5A4-542C545EFAAA}" = CCC Help Polish
"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E9820957-CB43-3BD1-3A00-25C7CB37EE1D}" = CCC Help Danish
"{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECC9BBF1-5735-F27B-E25A-5522D8B3F044}" = CCC Help Italian
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEC3A4C1-2B49-00CF-DA00-B27DC267236E}" = CCC Help Spanish
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F47662E5-C972-89F6-0416-5BAC56E835F9}" = CCC Help Czech
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"appbario7 Toolbar" = appbario7 Toolbar
"BabylonToolbar" = Babylon toolbar on IE
"Dell Webcam Central" = Dell Webcam Central
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"iLivid" = iLivid
"ilividtoolbarguid" = Search-Results Toolbar
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Playbryte" = PlayBryte
"RealPlayer 15.0" = RealPlayer
"SafeConnect" = SafeConnect
"Samsung Printer Live Update" = Samsung Printer Live Update
"SearchProtect" = Search Protect by conduit
"SMPlayer" = SMPlayer 0.6.9
"The Weather Channel App" = The Weather Channel App
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Wajam" = Wajam
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WT089409" = Bejeweled 2 Deluxe
"WT089410" = Blackhawk Striker 2
"WT089411" = Build-a-lot 2
"WT089412" = Cake Mania
"WT089413" = Chuzzle Deluxe
"WT089414" = Diner Dash 2 Restaurant Rescue
"WT089415" = Dora's World Adventure
"WT089418" = FATE
"WT089420" = Jewel Quest
"WT089422" = Jewel Quest Solitaire 2
"WT089426" = Poker Superstars III
"WT089430" = Virtual Villagers 4 - The Tree of Life
"WT089433" = Polar Golfer
"WT089434" = Escape Whisper Valley ™
"WT089440" = Namco All-Stars PAC-MAN
"WT089443" = Bounce Symphony
"WT089444" = Final Drive Nitro
"WT089445" = Penguins!
"WT089446" = Wedding Dash - Ready, Aim, Love!
"WT089448" = Zuma Deluxe
"WT089450" = Farm Frenzy
"WT089452" = Plants vs. Zombies - Game of the Year
"WT089499" = Final Drive Fury
"WT089503" = Samantha Swift
"WT089507" = Luxor
"WT089508" = Polar Bowler
"ZinioReader4" = Zinio Reader 4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4146025234-3801914709-857404776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Torch" = Torch

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/28/2013 10:51:30 AM | Computer Name = Alicia-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/28/2013 11:11:06 AM | Computer Name = Alicia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: msiexec.exe, version: 5.0.7601.17514, time
stamp: 0x4ce79d93 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000009970a Faulting
process id: 0x16e4 Faulting application start time: 0x01ce15c5d3991ea4 Faulting application
path: C:\windows\system32\msiexec.exe Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report
Id: 12634ea5-81b9-11e2-9ba6-24b6fd2ae714

Error - 2/28/2013 11:15:30 AM | Computer Name = Alicia-PC | Source = Application Hang | ID = 1002
Description = The program hpzdui40.exe version 14.0.301.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 17f4 Start
Time: 01ce15c60044713f Termination Time: 16 Application Path: C:\Users\Alicia\AppData\Local\Temp\7zS5B09\Setup\hpzdui40.exe

Report
Id:

Error - 2/28/2013 11:40:35 AM | Computer Name = Alicia-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 2/28/2013 11:42:27 AM | Computer Name = Alicia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 19.0.0.4794, time
stamp: 0x511ed1c1 Faulting module name: xul.dll, version: 19.0.0.4794, time stamp:
0x511ed0fe Exception code: 0xc0000005 Fault offset: 0x00155858 Faulting process id:
0x488 Faulting application start time: 0x01ce15c4eae85600 Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program
Files (x86)\Mozilla Firefox\xul.dll Report Id: 73d4e453-81bd-11e2-9ba6-24b6fd2ae714

Error - 3/1/2013 12:26:36 PM | Computer Name = Alicia-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 3/1/2013 8:23:50 PM | Computer Name = Alicia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: csc.exe, version: 8.0.50727.4927, time
stamp: 0x4a275157 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000009970a Faulting
process id: 0xe10 Faulting application start time: 0x01ce16dc353d12b1 Faulting application
path: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe Faulting module path:
C:\windows\SYSTEM32\ntdll.dll Report Id: 7409a412-82cf-11e2-9ba6-24b6fd2ae714

Error - 3/1/2013 7:41:34 PM | Computer Name = Alicia-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/1/2013 7:49:50 PM | Computer Name = Alicia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: taskeng.exe, version: 6.1.7601.17514, time
stamp: 0x4ce79d2c Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000009970a Faulting
process id: 0x8c0 Faulting application start time: 0x01ce16d77656ce2c Faulting application
path: C:\windows\system32\taskeng.exe Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report
Id: b49cebd5-82ca-11e2-ae94-24b6fd2ae714

Error - 3/1/2013 6:53:31 PM | Computer Name = Alicia-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/1/2013 6:56:23 PM | Computer Name = Alicia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: DllHost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bca54 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000009970a Faulting
process id: 0xaa0 Faulting application start time: 0x01ce16cffea1e0c8 Faulting application
path: C:\windows\system32\DllHost.exe Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report
Id: 3c89ee0f-82c3-11e2-8c7b-24b6fd2ae714

[ Dell Events ]
Error - 8/30/2012 1:21:34 PM | Computer Name = Alicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 8/30/2012 1:21:34 PM | Computer Name = Alicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/4/2012 1:34:48 AM | Computer Name = Alicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/4/2012 1:34:48 AM | Computer Name = Alicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ System Events ]
Error - 3/1/2013 7:40:48 PM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 3/1/2013 7:42:11 PM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 3/1/2013 7:44:43 PM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
BHDrvx64 ccSet_N360 SymIRON

Error - 3/1/2013 7:44:55 PM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 3/1/2013 7:45:25 PM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 3/1/2013 7:46:52 PM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 3/3/2013 8:57:57 AM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the DNS
Client service to connect.

Error - 3/3/2013 8:57:57 AM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7000
Description = The DNS Client service failed to start due to the following error:
%%1053

Error - 3/3/2013 8:58:20 AM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
BHDrvx64 ccSet_N360 SymIRON

Error - 3/3/2013 9:00:29 AM | Computer Name = Alicia-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).


< End of report >
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
My apologies I meant to add that but must have had a blonde moment :)

On completion of this can you let me know what problems remain

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\URLSearchHook: {6926c7f7-6006-42d1-b046-eba1b3010315} - C:\Program Files (x86)\appbario7\prxtbappb.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...54-584E7DE30C4B
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\URLSearchHook: {6926c7f7-6006-42d1-b046-eba1b3010315} - C:\Program Files (x86)\appbario7\prxtbappb.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0007ce9d3aa6f16
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa-v/search/redirect/?type=default&user_id=3099b29a-2cb1-43ed-bcdf-885b91144a84&query={searchTerms}
IE - HKU\S-1-5-21-4146025234-3801914709-857404776-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
FF - prefs.js..CT3227981.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultthis.engineName: "appbario7 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3227981&CUI=UN30396999542517910&UM=2&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "appbario7 Customized Web Search"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3227981&SearchSource=2&CUI=UN30396999542517910&UM=&q="
[2013/03/21 19:31:46 | 000,000,000 | ---D | M] (appbario7) -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}
[2012/11/25 04:08:55 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
[2013/03/20 23:55:46 | 000,000,995 | ---- | M] () -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\searchplugins\conduit.xml
[2012/11/25 04:08:39 | 000,002,687 | ---- | M] () -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\searchplugins\Search_Results.xml
[2012/11/25 04:09:01 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2012/11/25 04:08:39 | 000,002,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
O2:64bit: - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media Inc)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (appbario7 Toolbar) - {6926c7f7-6006-42d1-b046-eba1b3010315} - C:\Program Files (x86)\appbario7\prxtbappb.dll (Conduit Ltd.)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc)
O2 - BHO: (Search-Results Toolbar) - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (appbario7 Toolbar) - {6926c7f7-6006-42d1-b046-eba1b3010315} - C:\Program Files (x86)\appbario7\prxtbappb.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe (Bandoo Media Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngr.dll (Bandoo Media Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\IEBHO.dll (Bandoo Media Inc)
[2013/03/20 23:56:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\appbario7

:Files
C:\Program Files (x86)\Search Results Toolbar
C:\Program Files (x86)\BabylonToolbar
C:\Program Files (x86)\appbario7
C:\Program Files (x86)\Wajam

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that
  • 0

#8
alicia63

alicia63

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Here is the log after reboot

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6926c7f7-6006-42d1-b046-eba1b3010315} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6926c7f7-6006-42d1-b046-eba1b3010315}\ deleted successfully.
C:\Program Files (x86)\appbario7\prxtbappb.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
HKU\S-1-5-21-4146025234-3801914709-857404776-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-4146025234-3801914709-857404776-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{6926c7f7-6006-42d1-b046-eba1b3010315} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6926c7f7-6006-42d1-b046-eba1b3010315}\ not found.
File C:\Program Files (x86)\appbario7\prxtbappb.dll not found.
HKEY_USERS\S-1-5-21-4146025234-3801914709-857404776-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4146025234-3801914709-857404776-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-4146025234-3801914709-857404776-1001\Software\Microsoft\Internet Explorer\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}\ not found.
Registry key HKEY_USERS\S-1-5-21-4146025234-3801914709-857404776-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Prefs.js: "true" removed from CT3227981.browser.search.defaultthis.engineName
Prefs.js: "appbario7 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.condui...={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "appbario7 Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.condui...2517910&UM=&q=" removed from keyword.URL
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\Plugins folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\modules folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\META-INF folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\lib folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\defaults\preferences folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\defaults folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\sl folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\lib\jquery.alerts folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\lib scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\core folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH\view\script folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH\view scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\NOTIFICATION scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\MULTI_RSS scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\EMAIL_NOTIFIER scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\404 folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\menu folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\gf\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\gf folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\dlg\ftd folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\dlg scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\sp\spsd folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\sp\spbd folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\sp\js folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\sp scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\options\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\options\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\options\css folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\options scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\msd folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\api folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ac\res folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ac\img folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ac\css folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ac folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\aboutBox folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\logic\uninstall\dialog\js folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\logic\uninstall\dialog\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\logic\uninstall\dialog\css folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\logic\uninstall\dialog folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\logic\uninstall scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\logic scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981 scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315} scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\components folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\searchbar folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\options folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\uwa folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\panels\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\panels\default folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\panels\css folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\panels scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\debugbar folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\locale\toolbar folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\locale\lib folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\locale folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\data\weather folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\data\search folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\data folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\content\widgets\net.vmn.www.RadioBeta folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\content\widgets\com.djboxservice.dj.DJBox folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\content\widgets scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\content\modules folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\content\lib folder moved successfully.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} scheduled to be moved on reboot.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\searchplugins\conduit.xml moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\searchplugins\Search_Results.xml moved successfully.
C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION\content folder moved successfully.
C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION\components folder moved successfully.
C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}\ deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6926c7f7-6006-42d1-b046-eba1b3010315}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6926c7f7-6006-42d1-b046-eba1b3010315}\ not found.
File C:\Program Files (x86)\appbario7\prxtbappb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\ deleted successfully.
C:\Program Files (x86)\Wajam\IE\priam_bho.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}\ deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f34c9277-6577-4dff-b2d7-7d58092f272f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f}\ deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{6926c7f7-6006-42d1-b046-eba1b3010315} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6926c7f7-6006-42d1-b046-eba1b3010315}\ not found.
File C:\Program Files (x86)\appbario7\prxtbappb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b278d9f8-0fa9-465e-9938-0c392605d8e3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b278d9f8-0fa9-465e-9938-0c392605d8e3}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{f34c9277-6577-4dff-b2d7-7d58092f272f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f}\ not found.
File C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\IEBHO.dll moved successfully.
C:\Program Files (x86)\appbario7 folder moved successfully.
========== FILES ==========
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64 folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\components folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\debugbar folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\lib folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\weather folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\search folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\modules folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1 folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\css folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar folder moved successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh folder moved successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12 folder moved successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar folder moved successfully.
C:\Program Files (x86)\BabylonToolbar folder moved successfully.
File\Folder C:\Program Files (x86)\appbario7 not found.
C:\Program Files (x86)\Wajam\Updater folder moved successfully.
C:\Program Files (x86)\Wajam\IE folder moved successfully.
C:\Program Files (x86)\Wajam folder moved successfully.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Alicia
->Temp folder emptied: 1463917046 bytes
->Temporary Internet Files folder emptied: 9775293 bytes
->Java cache emptied: 887095 bytes
->FireFox cache emptied: 427053816 bytes
->Flash cache emptied: 99651 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 168114767 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 382291 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67697 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,974.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 04062013_142829

Files\Folders moved on Reboot...
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\lib folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\wa folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\ui folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\sp folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al\options folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb\al folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\tb folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\logic\uninstall folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content\logic folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981\content folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome\CT3227981 folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}\chrome folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315} folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib\panels folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin\lib folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\skin folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\content\widgets folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome\content folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}\chrome folder moved successfully.
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} folder moved successfully.
C:\Users\Alicia\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
After AdwCleaner has run could you let me know how the computer is behaving
  • 0

#10
alicia63

alicia63

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Here is the log after Quick Scan

OTL logfile created on: 4/6/2013 2:36:22 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alicia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.61 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 67.82% Memory free
7.21 Gb Paging File | 5.91 Gb Available in Paging File | 81.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 403.72 Gb Free Space | 89.51% Space Free | Partition Type: NTFS

Computer Name: ALICIA-PC | User Name: Alicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/06 12:08:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alicia\Desktop\OTL.exe
PRC - [2013/03/14 03:41:33 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/12 03:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Alicia\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/03/09 20:18:41 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/12/19 16:49:30 | 000,642,808 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
PRC - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/11 11:29:17 | 000,175,968 | ---- | M] (Impulse Point, LLC) -- C:\Program Files (x86)\SafeConnect\scManager.sys
PRC - [2012/08/21 16:20:02 | 000,067,496 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
PRC - [2012/06/15 22:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccsvchst.exe
PRC - [2011/11/25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/06 13:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 11:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 13:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/06/29 09:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011/06/27 20:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011/05/12 17:59:00 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/13 11:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/14 03:41:33 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/09 20:18:40 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/02/17 04:36:20 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/14 23:20:15 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013/01/13 05:50:54 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/13 05:49:32 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/13 05:48:44 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/13 05:48:39 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/13 05:48:16 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/13 05:48:05 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/13 05:47:56 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/13 05:47:55 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/13 05:47:39 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/08/21 16:20:02 | 000,067,496 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
MOD - [2011/08/18 11:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/06/29 09:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011/06/27 20:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011/06/27 20:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011/06/25 00:21:46 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
MOD - [2011/06/25 00:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2010/11/24 23:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010/03/22 16:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010/03/16 21:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010/03/16 21:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010/03/16 21:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010/03/11 20:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010/03/11 20:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010/03/05 16:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010/03/05 16:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/12/19 16:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/12/19 15:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/27 15:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/01 14:13:46 | 001,054,888 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dleacoms.exe -- (dlea_device)
SRV:64bit: - [2009/03/03 06:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/03/14 03:41:33 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/09 20:18:40 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/11 11:29:17 | 000,175,968 | ---- | M] (Impulse Point, LLC) [Auto | Running] -- C:\Program Files (x86)\SafeConnect\scManager.sys -- (SCManager)
SRV - [2012/07/13 14:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/15 22:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe -- (N360)
SRV - [2011/11/25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/10/26 09:58:10 | 000,162,816 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/06/07 13:25:12 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/05/12 17:59:00 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/11/25 06:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/25 21:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/11 13:12:22 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxcrcoms.exe -- (lxcr_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/19 16:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 15:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 07:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/09/06 20:01:23 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/09/04 01:50:20 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020200}_0)
DRV:64bit: - [2012/07/05 22:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 22:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/07 00:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/05/21 21:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/03/16 18:43:40 | 004,719,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/10 04:10:04 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2011/11/16 23:38:00 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/11/16 23:17:50 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/16 02:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011/06/16 18:08:26 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/06/16 18:08:24 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/05/27 15:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/05/17 02:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/31 23:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/20 12:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/12/16 02:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/29 20:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2013/01/19 11:24:27 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130129.005\ex64.sys -- (NAVEX15)
DRV - [2013/01/19 11:24:27 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130129.005\eng64.sys -- (NAVENG)
DRV - [2013/01/15 22:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130116.013\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/01/04 18:26:54 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130126.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012/09/06 20:22:57 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT3227981.browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://search.condui...4-584E7DE30C4B"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Alicia\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2013/03/01 19:52:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2013/03/01 19:52:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/03/01 19:52:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/20 23:56:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/20 23:56:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/11/25 04:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alicia\AppData\Roaming\Mozilla\Extensions
[2013/04/06 14:34:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\extensions
[2013/03/09 20:18:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/09 20:18:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/03/09 20:18:41 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/03 19:56:00 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/03 19:56:00 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/04/06 14:29:22 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\ezprint.exe" File not found
O4 - HKLM..\Run: [lxcrmon.exe] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe" File not found
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Alicia\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Users\Alicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Alicia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5439173D-549B-4585-934D-351BCE055891}: DhcpNameServer = 65.32.5.111 65.32.5.112
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/06 14:28:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/04/06 12:08:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alicia\Desktop\OTL.exe
[2013/04/05 22:37:14 | 000,000,000 | ---D | C] -- C:\FRST
[2013/04/04 21:30:26 | 000,000,000 | ---D | C] -- C:\drivers
[2013/04/04 21:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/04/04 16:14:43 | 000,000,000 | ---D | C] -- C:\Users\Alicia\AppData\Roaming\RealNetworks
[2013/03/20 23:56:48 | 000,000,000 | ---D | C] -- C:\Users\Alicia\AppData\Roaming\PerformerSoft
[2013/03/20 23:56:46 | 000,019,632 | ---- | C] (PerformerSoft LLC) -- C:\windows\SysNative\roboot64.exe
[2013/03/20 23:46:58 | 000,000,000 | ---D | C] -- C:\Users\Alicia\AppData\Local\Peridot_Technologies
[2013/03/20 23:46:57 | 000,000,000 | ---D | C] -- C:\Users\Alicia\Easy Flyer Creator
[2013/03/20 23:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Flyer Creator 3.0
[2013/03/20 23:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy Flyer Creator 3.0
[2013/03/20 23:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Easy Flyer Creator
[2013/03/14 03:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 03:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/09 20:18:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/06 14:41:03 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/04/06 14:40:14 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/06 14:40:14 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/06 14:32:41 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/04/06 14:32:32 | 2903,519,232 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/06 14:29:22 | 000,000,098 | ---- | M] () -- C:\windows\SysNative\drivers\etc\Hosts
[2013/04/06 14:27:07 | 000,779,788 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/04/06 14:27:07 | 000,660,770 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/04/06 14:27:07 | 000,121,408 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/04/06 12:43:12 | 000,613,083 | ---- | M] () -- C:\Users\Alicia\Desktop\adwcleaner.exe
[2013/04/06 12:08:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alicia\Desktop\OTL.exe
[2013/04/06 11:50:00 | 000,000,932 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4146025234-3801914709-857404776-1001UA.job
[2013/04/05 21:47:49 | 265,979,894 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/04/05 21:28:27 | 000,000,910 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-4146025234-3801914709-857404776-1001Core.job
[2013/04/04 21:32:16 | 000,017,992 | ---- | M] () -- C:\windows\SysWow64\LexFiles.ulf
[2013/04/04 09:45:36 | 000,000,000 | ---- | M] () -- C:\END
[2013/03/31 22:07:32 | 000,001,055 | ---- | M] () -- C:\Users\Alicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/03/31 22:07:19 | 000,001,025 | ---- | M] () -- C:\Users\Alicia\Desktop\Dropbox.lnk
[2013/03/21 14:16:21 | 000,370,832 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/03/20 23:45:56 | 000,002,607 | ---- | M] () -- C:\Users\Public\Desktop\Easy Flyer Creator 3.0.lnk
[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/06 12:43:12 | 000,613,083 | ---- | C] () -- C:\Users\Alicia\Desktop\adwcleaner.exe
[2013/04/04 20:39:43 | 000,385,024 | ---- | C] () -- C:\windows\SysWow64\lxcrcomx.dll
[2013/04/04 20:39:43 | 000,274,432 | ---- | C] () -- C:\windows\SysWow64\LXCRinst.dll
[2013/04/04 20:39:41 | 000,181,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrppls.exe
[2013/04/04 20:39:40 | 000,238,592 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrinpa.dll
[2013/04/04 20:39:40 | 000,226,816 | ---- | C] ( ) -- C:\windows\SysWow64\lxcriesc.dll
[2013/04/04 20:39:39 | 001,417,728 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrserv.dll
[2013/04/04 20:39:39 | 001,099,264 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrusb1.dll
[2013/04/04 20:39:39 | 000,695,808 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrcomc.dll
[2013/04/04 20:39:39 | 000,566,192 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrcoms.exe
[2013/04/04 20:39:39 | 000,535,647 | ---- | C] () -- C:\windows\SysWow64\lxcrhelp.chm
[2013/04/04 20:39:39 | 000,487,424 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrlmpm.dll
[2013/04/04 20:39:39 | 000,409,600 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrpmui.dll
[2013/04/04 20:39:39 | 000,249,856 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrcomm.dll
[2013/04/04 20:39:39 | 000,233,392 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrih.exe
[2013/04/04 20:39:39 | 000,035,328 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrprox.dll
[2013/04/04 20:39:39 | 000,017,992 | ---- | C] () -- C:\windows\SysWow64\LexFiles.ulf
[2013/04/04 20:39:39 | 000,010,752 | ---- | C] ( ) -- C:\windows\SysWow64\lxcrpplc.dll
[2013/04/04 20:39:39 | 000,002,365 | ---- | C] () -- C:\windows\SysWow64\lxcr.loc
[2013/03/20 23:45:56 | 000,002,607 | ---- | C] () -- C:\Users\Public\Desktop\Easy Flyer Creator 3.0.lnk
[2012/12/19 15:52:22 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/12/19 15:52:22 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2012/03/16 18:42:00 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/03/16 18:31:30 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2012/02/26 08:02:17 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2012/02/26 08:02:12 | 000,000,325 | ---- | C] () -- C:\windows\Prelaunch.ini
[2012/02/26 08:02:12 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2012/02/26 08:02:12 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2012/02/26 08:02:12 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2012/02/26 08:02:12 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2012/02/26 08:02:12 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2012/02/26 08:02:12 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2012/02/26 06:54:12 | 000,774,004 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/09/04 03:26:06 | 000,000,000 | ---D | M] -- C:\Users\Alicia\AppData\Roaming\Babylon
[2012/09/04 03:26:49 | 000,000,000 | ---D | M] -- C:\Users\Alicia\AppData\Roaming\BabylonToolbar
[2013/04/06 14:34:18 | 000,000,000 | ---D | M] -- C:\Users\Alicia\AppData\Roaming\Dropbox
[2012/08/30 23:58:44 | 000,000,000 | ---D | M] -- C:\Users\Alicia\AppData\Roaming\Fingertapps
[2012/08/30 23:58:26 | 000,000,000 | ---D | M] -- C:\Users\Alicia\AppData\Roaming\Leadertech
[2012/09/10 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\Alicia\AppData\Roaming\PCDr
[2013/03/21 00:04:10 | 000,000,000 | ---D | M] -- C:\Users\Alicia\AppData\Roaming\PerformerSoft
[2012/09/10 22:13:00 | 000,000,000 | ---D | M] -- C:\Users\Alicia\AppData\Roaming\SoftGrid Client
[2012/09/03 11:58:00 | 000,000,000 | ---D | M] -- C:\Users\Alicia\AppData\Roaming\TP

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#11
alicia63

alicia63

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Here is the log from ADW Cleaner

# AdwCleaner v2.200 - Logfile created 04/06/2013 at 14:49:35
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Alicia - ALICIA-PC
# Boot Mode : Normal
# Running from : C:\Users\Alicia\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\user.js
File Deleted : C:\Users\Alicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\Alicia\Desktop\iLivid.lnk
File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Alicia\AppData\Local\Ilivid
Folder Deleted : C:\Users\Alicia\AppData\Local\Wajam
Folder Deleted : C:\Users\Alicia\AppData\LocalLow\appbario7
Folder Deleted : C:\Users\Alicia\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Alicia\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Alicia\AppData\LocalLow\ilividtoolbarguid
Folder Deleted : C:\Users\Alicia\AppData\LocalLow\Playbryte
Folder Deleted : C:\Users\Alicia\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Alicia\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Alicia\AppData\Roaming\BabylonToolbar
Folder Deleted : C:\Users\Alicia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\ilividtoolbarguid
Folder Deleted : C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\Smartbar
Folder Deleted : C:\Users\Alicia\AppData\Roaming\PerformerSoft

***** [Registry] *****

Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\AppDataLow\Software\appbario7
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ilividtoolbarguid
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ilividtoolbarguid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6926C7F7-6006-42D1-B046-EBA1B3010315}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKLM\Software\appbario7
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
Key Deleted : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3227981
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6628343D-1E52-404D-A133-B839098ACA5E}
Key Deleted : HKLM\Software\Playbryte
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6628343D-1E52-404D-A133-B839098ACA5E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{334F8381-78ED-45DD-A440-40D7E806E9C2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{535CEF7F-7CDA-4AB3-A454-09D89166BA0A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\appbario7 Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbarguid
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Playbryte
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\DataMngr

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\yir5u8j3.default\prefs.js

Deleted : user_pref("CT3227981.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3227981.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM (Cou...\",\"description[...]
Deleted : user_pref("CT3227981.CT3227981ads1.enc", "JTdCJTIyYWRzJTIyJTNBJTVCJTdCJTIyYWlkJTIyJTNBJTIyMzY3MzIlMj[...]
Deleted : user_pref("CT3227981.CT3227981current_term.enc", "");
Deleted : user_pref("CT3227981.CT3227981sdate.enc", "MjA=");
Deleted : user_pref("CT3227981.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3227981.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3227981.FF19Solved", "true");
Deleted : user_pref("CT3227981.FirstTime", "true");
Deleted : user_pref("CT3227981.FirstTimeFF3", "true");
Deleted : user_pref("CT3227981.PG_ENABLE", "dHJ1ZQ==");
Deleted : user_pref("CT3227981.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Deleted : user_pref("CT3227981.UserID", "UN30396999542517910");
Deleted : user_pref("CT3227981.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3227981.autoDisableScopes", -1);
Deleted : user_pref("CT3227981.bDay_InstallDate.enc", "MjAtMg==");
Deleted : user_pref("CT3227981.bDay_InstallFromToolbar.enc", "eWVz");
Deleted : user_pref("CT3227981.browser.search.defaultthis.engineName", "");
Deleted : user_pref("CT3227981.defaultSearch", "true");
Deleted : user_pref("CT3227981.embeddedsData", "[{\"appId\":\"129837882913311618\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3227981.enableAlerts", "always");
Deleted : user_pref("CT3227981.enableFix404ByUser", "FALSE");
Deleted : user_pref("CT3227981.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3227981.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3227981.fixPageNotFoundError", "true");
Deleted : user_pref("CT3227981.fixPageNotFoundErrorByUser", "true");
Deleted : user_pref("CT3227981.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3227981.fixUrls", true);
Deleted : user_pref("CT3227981.installDate", "20/3/2013 23:55:45");
Deleted : user_pref("CT3227981.installId", "installbrain");
Deleted : user_pref("CT3227981.installType", "conduitnsisintegration");
Deleted : user_pref("CT3227981.installerVersion", "1.3.7.3");
Deleted : user_pref("CT3227981.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3227981.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3227981.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3227981.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3227981.keyword", "true");
Deleted : user_pref("CT3227981.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Deleted : user_pref("CT3227981.lastVersion", "10.15.0.562");
Deleted : user_pref("CT3227981.mam_gk_CouponBuddy_appState.enc", "b24=");
Deleted : user_pref("CT3227981.mam_gk_PriceGong_appState.enc", "b24=");
Deleted : user_pref("CT3227981.mam_gk_appStateReportTime.enc", "MTM2MzgzODE5MjQxNg==");
Deleted : user_pref("CT3227981.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Deleted : user_pref("CT3227981.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3227981.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImN[...]
Deleted : user_pref("CT3227981.mam_gk_currentVersion.enc", "MS40LjMuMg==");
Deleted : user_pref("CT3227981.mam_gk_eventsCache.enc", "eyI1ZDY5MjY3YS1hNDdkLTQ4NmEtODE3NC02Y2RhNGQxNGRiZmIiO[...]
Deleted : user_pref("CT3227981.mam_gk_first_time.enc", "MQ==");
Deleted : user_pref("CT3227981.mam_gk_gadgetOpen.enc", "MQ==");
Deleted : user_pref("CT3227981.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Deleted : user_pref("CT3227981.mam_gk_lastLoginTime.enc", "MTM2MzgzODE5MDA1NA==");
Deleted : user_pref("CT3227981.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Deleted : user_pref("CT3227981.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3227981.mam_gk_settings1.4.3.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Deleted : user_pref("CT3227981.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3227981.mam_gk_showWelcomeGadget.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3227981.mam_gk_userId.enc", "MWNkYzU5MTctNGYwZS00NGY1LWE2ZDctMTAyMGRhZTliOTEy");
Deleted : user_pref("CT3227981.mam_gk_user_apps_selection.enc", "");
Deleted : user_pref("CT3227981.migrateAppsAndComponents", true);
Deleted : user_pref("CT3227981.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\":OTL\\r\\nIE:64bit: - HKLM\\\\..[...]
Deleted : user_pref("CT3227981.openThankYouPage", "false");
Deleted : user_pref("CT3227981.openUninstallPage", "true");
Deleted : user_pref("CT3227981.price-gong.isManagedApp", "true");
Deleted : user_pref("CT3227981.revertSettingsEnabled", "false");
Deleted : user_pref("CT3227981.search.searchAppId", "129837882913311618");
Deleted : user_pref("CT3227981.search.searchCount", "0");
Deleted : user_pref("CT3227981.searchFromAddressBarEnabledByUser", "true");
Deleted : user_pref("CT3227981.searchInNewTabEnabledByUser", "true");
Deleted : user_pref("CT3227981.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3227981.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3227981.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3227981.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3227981.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3227981.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3227981.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3227981.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3227981.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1364781840896");
Deleted : user_pref("CT3227981.serviceLayer_services_appsMetadata_lastUpdate", "1365272754987");
Deleted : user_pref("CT3227981.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1365083070553");
Deleted : user_pref("CT3227981.serviceLayer_services_location_lastUpdate", "1365264513122");
Deleted : user_pref("CT3227981.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363890085069");
Deleted : user_pref("CT3227981.serviceLayer_services_login_10.15.0.562_lastUpdate", "1365266287909");
Deleted : user_pref("CT3227981.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1365083070283");
Deleted : user_pref("CT3227981.serviceLayer_services_searchAPI_lastUpdate", "1365264513114");
Deleted : user_pref("CT3227981.serviceLayer_services_serviceMap_lastUpdate", "1365264512799");
Deleted : user_pref("CT3227981.serviceLayer_services_setupAPI_lastUpdate", "1363838179368");
Deleted : user_pref("CT3227981.serviceLayer_services_toolbarContextMenu_lastUpdate", "1365083069918");
Deleted : user_pref("CT3227981.serviceLayer_services_toolbarSettings_lastUpdate", "1365272754523");
Deleted : user_pref("CT3227981.serviceLayer_services_translation_lastUpdate", "1365264513053");
Deleted : user_pref("CT3227981.settingsINI", true);
Deleted : user_pref("CT3227981.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3227981.showToolbarPermission", "false");
Deleted : user_pref("CT3227981.smartbar.CTID", "CT3227981");
Deleted : user_pref("CT3227981.smartbar.Uninstall", "0");
Deleted : user_pref("CT3227981.smartbar.homepage", true);
Deleted : user_pref("CT3227981.smartbar.toolbarName", "appbario7 ");
Deleted : user_pref("CT3227981.startPage", "true");
Deleted : user_pref("CT3227981.toolbarBornServerTime", "21-3-2013");
Deleted : user_pref("CT3227981.toolbarCurrentServerTime", "6-4-2013");
Deleted : user_pref("CT3227981.toolbarLoginClientTime", "Thu Mar 21 2013 19:31:59 GMT-0400 (Eastern Daylight T[...]
Deleted : user_pref("CT3227981_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3227981&octid=CT322798[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "appbario7 Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227981[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3227981");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3227981&octid=CT3227981&Sea[...]
Deleted : user_pref("smartBar.searchInNewTabOwner", "CT3227981");
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3227981&octid=CT3227981[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.machineId", "V1QEUI8LRABFWPHRZKF7IUSD1KTG7BPKTCFFOK2BSFOJNK/GWRIIYZZUWZZNQLVRVOZ[...]
Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.google.com/");
Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appi[...]
Deleted : user_pref("smartbar.originalSearchEngine", "");

*************************

AdwCleaner[S1].txt - [24304 octets] - [06/04/2013 14:49:35]

########## EOF - C:\AdwCleaner[S1].txt - [24365 octets] ##########
  • 0

#12
alicia63

alicia63

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
My computer seems to be running better. :)
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK one final scan before I tidy up and send you on your merry way, this should take no more than 5 minutes :)

Please download Malwarebytes Anti-Malware to your desktop.

  • Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan as shown below.

    Posted Image
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.


The log can also be found here:

Windows 2000 & Windows XP:
C:\Documents and Settings\<USERNAME>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Windows Vista & Win7:
C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
----------
  • 0

#14
alicia63

alicia63

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
okay, the report is here

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.04.06.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Alicia :: ALICIA-PC [administrator]

4/6/2013 3:30:29 PM
mbam-log-2013-04-06 (15-30-29).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210379
Time elapsed: 3 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow|playbryte.com (PUP.PlayBryte) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|playbrytetoolbar_Playbryte (PUP.PlayBryte) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

Clear Restore Points

Go Start > All Programmes > Accessories > System tools
Right click Disc Cleanup and select run as administrator
When it pops up at the first prompt select OK after it has done some calculations the tabs will appear
Select More Options tab
Press Sytem Restore and Shadow Copies Cleanup button
Posted Image


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP