Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Touchpad & keyboard disabled on start up


  • Please log in to reply

#1
aka_GForce

aka_GForce

    Member

  • Member
  • PipPip
  • 25 posts
Hi everyone, not sure what is going on with my laptop so hope someone can help me out.
The touchpad and keyboard on my Dell Studio 1535 are being locked after I login on a normal start up. They both work in safe mode and before logging in to my user account. Scans haven't detected any viruses, but MBAM did remove 2 instances of PUP.InstallBrain on last scan.
If I uninstall the touchpad driver and restart the touchpad will work again in normal mode (and occasionally both the touchpad and keyboard will work at the same time) until I shut down again. There is also an additional popup window on reboot that wants me to restart again for changes to take effect when the touchpad driver has already been successfully reinstalled. I ignore that one.

The following OTL.txt was run in safe mode. I'm thinking you probably need one run in normal mode since that is where the issue occurs. Will see if I can do.


OTL logfile created on: 5/8/2013 12:05:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brandley\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.34% Memory free
4.23 Gb Paging File | 3.68 Gb Available in Paging File | 87.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.08 Gb Total Space | 65.78 Gb Free Space | 29.48% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.10 Gb Free Space | 52.27% Space Free | Partition Type: NTFS

Computer Name: GAYLESLAP | User Name: Brandley | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
PRC - [2013/04/16 23:32:36 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
PRC - [2013/04/11 14:24:05 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/16 23:32:35 | 016,032,648 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_169.dll
MOD - [2013/04/11 14:24:04 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - [2013/04/16 23:32:37 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/11 14:24:04 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/26 06:09:22 | 001,225,312 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/11/26 06:09:20 | 000,659,040 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/05/02 15:26:00 | 000,294,224 | ---- | M] (DigitalPersona, Inc.) [Auto | Stopped] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2009/03/16 19:59:20 | 000,254,042 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe -- (STacSV)
SRV - [2009/03/16 19:59:18 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe -- (AESTFilters)
SRV - [2008/08/16 15:42:34 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Stopped] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 18:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 12:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wdcsam.sys -- (WDC_SAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ivusb.sys -- (ivusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwmodem.sys -- (btwmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwhid.sys -- (btwhid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - [2012/11/20 12:00:58 | 000,027,496 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VirtualAudio.sys -- (WsAudio_Device)
DRV - [2012/10/30 15:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 15:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 15:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 15:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/30 15:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 15:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/08 19:53:56 | 000,026,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2012/03/06 15:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV - [2010/09/08 12:20:01 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010/09/01 00:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/08 10:02:58 | 000,062,496 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009/03/16 19:59:22 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/08 17:06:00 | 000,280,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2009/03/06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/05 19:08:52 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/03/11 06:24:46 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/03/10 22:42:24 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2008/03/10 22:24:46 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/03/10 22:24:44 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/03/10 22:24:42 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/03/10 22:22:44 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/20 18:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/06/18 16:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/03 10:43:28 | 001,131,136 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=2080817
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://my.msn.com/
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{7974E3A4-C0F5-4243-9383-D8875DD99076}: "URL" = http://search.condui...&ctid=CT3220468
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{8046BD4D-45D6-4CA9-AA1E-D83CFB044571}: "URL" = http://websearch.ask...79-BB6EAB3D2CE0
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8OrYjx9x&i=26
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8118

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo"
FF - prefs.js..browser.search..defaultenginename: "Yahoo"
FF - prefs.js..browser.search..order.1: "Yahoo"
FF - prefs.js..browser.search..selectedEngine: "Yahoo"
FF - prefs.js..browser.search..selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: pbupload%40photobucket.com:1.3.3
FF - prefs.js..extensions.enabledAddons: %7BF17C1572-C9EC-4e5c-A542-D05CBB5C5A08%7D:9.7.0.7
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B288479BE-1B9E-11E2-80EA-F3246188709B%7D:1.1
FF - prefs.js..extensions.enabledAddons: tfdlookup%40nohup.in:2.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: speedtestanalysis%40SpeedAnalysis.com:1.0.0.0
FF - prefs.js..extensions.enabledAddons: %7B7473b6bd-4691-4744-a82b-7854eb3d70b6%7D:10.15.0.562
FF - prefs.js..extensions.enabledAddons: %7BBAEBEF65-9289-47c5-8524-C345CC5D860D%7D:1.12
FF - prefs.js..extensions.enabledAddons: button%40youtubeclipextractor.com:2.2.0.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.7.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1367
FF - prefs.js..extensions.enabledItems: {3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}:1.2.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: [email protected]:3.12.2.100009
FF - prefs.js..extensions.enabledItems: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.9
FF - prefs.js..extensions.enabledItems: {b947750f-94cc-4d60-9f68-281d51279131}:3.8.0.8
FF - prefs.js..keyword.URL: "http://fileservehome...02ff&Keywords="
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "5.6.7.8"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

FF - user.js..keyword.URL: "http://fileservehome...02ff&Keywords="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer: C:\Program Files\NBC Direct\npDirectPlayerMozilla.dll File not found
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/11 20:09:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2012/05/29 17:22:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/12 15:24:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/11 14:24:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/11 14:23:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2011/10/28 19:52:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]om: C:\Program Files\DigitalPersona\Bin\firefoxext [2012/05/29 17:22:28 | 000,000,000 | ---D | M]

[2010/01/05 23:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Extensions
[2013/04/16 02:32:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions
[2010/07/26 01:16:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/12 06:45:26 | 000,000,000 | ---D | M] (Veehd Plugin) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}
[2010/07/22 13:42:52 | 000,000,000 | ---D | M] (Xinha Here!) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{5B280457-4290-40c2-9441-EA647775F824}
[2013/03/26 23:44:39 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013/02/24 01:16:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/12/16 13:58:52 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2013/03/15 12:57:58 | 000,000,000 | ---D | M] (Speed Test Analysis) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2013/04/16 02:32:24 | 000,322,488 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/09/14 07:22:53 | 000,025,950 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:18 | 000,053,364 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/16 13:51:41 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:17 | 000,002,716 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{288479BE-1B9E-11E2-80EA-F3246188709B}.xpi
[2013/04/08 00:24:05 | 000,154,271 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi
[2013/02/14 03:19:43 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/01 02:10:58 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/09/21 15:05:03 | 000,002,299 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\askcom.xml
[2011/05/11 15:21:46 | 000,001,213 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\fileserve.xml
[2012/12/16 13:55:40 | 000,002,203 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\MyStart Search.xml
[2013/04/11 14:23:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/11 14:23:34 | 000,000,000 | ---D | M] (Clip Extractor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/12/12 15:24:44 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/10/28 19:52:48 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2012/01/11 20:09:12 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013/04/11 14:24:06 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/19 22:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/11 15:21:45 | 000,001,213 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fileserve.xml
[2013/02/19 14:32:21 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: MyStart Search (Enabled)
CHR - default_search_provider: search_url = http://mystart.incre...6R8OrYjx9x&i=26
CHR - default_search_provider: suggest_url =
CHR - homepage: http://my.msn.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\lib/npdapchrome.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.14.253.3_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\
CHR - Extension: Keep My Opt-Outs = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe\1.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Speed Test Analysis = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0\

O1 HOSTS File: ([2011/05/19 10:47:48 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Speed Test Analysis) - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-313869043-597203798-2405295701-1000..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-313869043-597203798-2405295701-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Download with YouTube Clip Extractor - {a5837a04-1cda-49e5-80f5-25baef5e6a32} - C:\Program Files\Clip Extractor\ClipExtractor.exe File not found
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.112.128.2 204.17.139.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C455C83-8DBA-41B3-A6B2-0A67DB9441EC}: DhcpNameServer = 209.112.128.2 204.17.139.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O24 - Desktop WallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-313869043-597203798-2405295701-1000\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-313869043-597203798-2405295701-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/07 23:59:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/04 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/04/15 18:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/04/11 14:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/07 23:48:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/07 23:40:43 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/07 23:40:43 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/07 23:40:29 | 000,036,864 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013/05/07 23:24:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000UA.job
[2013/05/07 14:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/07 10:47:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013/05/07 05:24:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000Core.job
[2013/05/04 02:18:58 | 000,039,936 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2013/05/04 01:48:35 | 000,271,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/04 01:47:09 | 000,035,550 | ---- | M] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2013/05/04 01:43:09 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/05/04 01:28:22 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/22 20:37:36 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/22 20:37:36 | 000,109,022 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/20 18:14:32 | 269,029,013 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/04/11 00:20:08 | 000,002,100 | ---- | M] () -- C:\Users\Brandley\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2013/05/04 01:47:05 | 000,035,550 | ---- | C] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2012/06/06 13:49:33 | 000,049,091 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb2.jpg
[2012/06/06 13:48:35 | 000,045,317 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb.jpg
[2012/06/05 21:10:01 | 000,026,711 | ---- | C] () -- C:\Users\Brandley\P060212_2002.jpg
[2012/06/05 20:56:38 | 068,010,654 | ---- | C] () -- C:\Users\Brandley\LTT-Seattle.zip
[2012/05/11 23:18:06 | 000,000,680 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d9caps.dat
[2012/04/22 12:59:40 | 000,068,071 | ---- | C] () -- C:\Users\Brandley\Your travel document PBORB5362355094.eml
[2011/11/17 18:24:01 | 001,174,083 | ---- | C] () -- C:\Windows\unins000.exe
[2011/11/17 18:24:01 | 000,017,783 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/11 21:42:20 | 000,000,218 | ---- | C] () -- C:\Users\Brandley\.recently-used.xbel
[2011/10/28 19:52:43 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2011/10/28 19:52:43 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2011/09/02 21:38:48 | 000,000,997 | ---- | C] () -- C:\Users\Brandley\index.html
[2011/09/01 22:27:49 | 000,000,118 | ---- | C] () -- C:\Users\Brandley\Cari Man up radio.m3u
[2011/05/10 02:21:59 | 000,000,160 | ---- | C] () -- C:\ProgramData\~39968504r
[2011/05/10 02:21:58 | 000,000,152 | ---- | C] () -- C:\ProgramData\~39968504
[2011/05/10 02:20:43 | 000,000,336 | ---- | C] () -- C:\ProgramData\39968504
[2011/05/10 00:14:07 | 000,000,336 | ---- | C] () -- C:\ProgramData\44490488
[2010/06/06 15:07:50 | 000,000,613 | ---- | C] () -- C:\Users\Brandley\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2010/05/24 12:04:56 | 000,000,145 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/04/13 13:21:09 | 000,010,948 | -HS- | C] () -- C:\Users\Brandley\AppData\Local\7SkRgtbX5FlAM
[2010/04/13 13:21:09 | 000,010,948 | -HS- | C] () -- C:\ProgramData\7SkRgtbX5FlAM
[2009/09/01 15:47:41 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/10/19 04:53:12 | 000,000,552 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d8caps.dat
[2008/10/04 10:30:54 | 000,023,909 | ---- | C] () -- C:\Users\Brandley\AppData\Roaming\UserTile.png
[2008/09/04 16:30:00 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/09/02 18:21:28 | 000,049,664 | ---- | C] () -- C:\Users\Brandley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/29 22:28:08 | 000,008,248 | ---- | C] () -- C:\Users\Brandley\AppData\Local\en.ini

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 09:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008/09/16 02:58:24 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\aAvgApi
[2012/12/18 16:06:47 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Aimersoft Video Converter Ultimate
[2009/10/20 17:20:58 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Amazon
[2009/10/24 14:41:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Any Video Converter
[2013/03/15 12:50:28 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Apowersoft
[2010/12/07 02:52:42 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Ashampoo
[2010/03/22 12:39:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Audacity
[2011/04/28 09:10:11 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG10
[2010/04/24 13:45:09 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG9
[2012/12/17 01:33:30 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2010/08/16 16:18:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Clip Extractor
[2013/03/28 12:59:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\com.amazon.music.uploader
[2009/07/30 11:41:59 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DataCast
[2012/05/29 14:43:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DigitalPersona
[2012/10/20 17:27:16 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\foxyproxy
[2011/11/04 23:59:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\gtk-2.0
[2009/09/16 10:53:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\IDM
[2009/11/21 17:52:17 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\LimeWire
[2011/12/14 02:04:07 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Mobipocket
[2009/09/10 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MPEG Streamclip
[2009/07/05 09:49:26 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MusicNet
[2009/09/16 10:53:13 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\NBC Direct
[2011/11/04 22:45:51 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Participatory Culture Foundation
[2010/12/15 19:17:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCDr
[2012/10/22 17:50:48 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCF-VLC
[2008/10/04 10:30:53 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PeerNetworking
[2011/01/17 21:02:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Philipp Winterberg
[2011/12/19 01:44:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Rovio
[2010/10/19 21:25:08 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SendSpace Wizard
[2013/03/15 12:57:57 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SpeedTestAnalysis
[2013/01/13 15:24:15 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Spotify
[2011/02/13 23:07:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Uniblue
[2013/05/04 01:08:54 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\uTorrent
[2011/12/23 14:47:02 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Visan
[2011/11/11 23:52:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western Digital
[2010/05/24 12:05:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western DigitalTemp
[2011/11/28 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Windows Live Writer
[2012/06/10 19:09:37 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\DigitalPersona
[2013/04/16 22:19:39 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\SendSpace Wizard

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 857 bytes -> C:\Users\Brandley\Your travel document PBORB5362355094.eml:OECustomProperty
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CD060F93
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:553CA6CA
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >
  • 0

Advertisements


#2
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello aka_GForce, :wave: Welcome to the forums!
:welcome:. My name is godawgs and I will be assisting you with your Virus / Malware issues.
I will start working on your Malware issues. This may, or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine!

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.
If you have not, please adhere to the guidelines below and then carefully follow all future instructions:

You must reply to posts within four days. If you haven't replied within that time, the topic will be closed! If you need additional time to complete things, just let me know.
If you're not sure, or if something unexpected happens, Do NOT continue! Stop and ask!

This board can notify you when a new reply is added to a topic. Please read this topic to find out how to do that.

Please do not run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability. Do as the instructions ask, nothing extra. Do Not run things twice unless instructed.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • If I ask a Question just answer it, don't run anything unless directed to.
Please read every post completely before doing anything.
  • Pay special attention to the NOTE: lines, or anything in red. These entries identify an individual issue or important step in the cleanup process.
  • Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. Some of the steps I will be asking you to do may require you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
Logs from malware diagnostic or removal programs (OTL is one of them) can take some time to analyze.
  • I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forum, (sometimes :lol: )
  • Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
Lastly, Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. Some infections are so severe that we might encounter situations where the only recourse is to re-format and re-install your operating system. Don't worry, this only happens in severe cases, but, sadly, it does happen.
In light of this be prepared to back up your data. Have means of backing up your data available.

IMPORTANT:Change your browser(s) to download any tools to the desktop.
Follow the directions here
For FireFox check the dot beside "Always ask me where to save files."
For Chrome, check the box beside "Ask where to save each file before downloading"
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

When OTL runs the first time it creates a file named Extras.txt. It should be in the same directory you ran OTL from. Please post the contents of that file.

Let's see what we can do.


Step-1.

Posted Image OTL Fix

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the quote box below (Do Not copy the word Quote. To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.

:PROCESSES
killallprocesses

:COMMANDS
[createrestopepoint]

:OTL
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{7974E3A4-C0F5-4243-9383-D8875DD99076}: "URL" = http://search.condui...&ctid=CT3220468
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8OrYjx9x&i=26
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8118
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "5.6.7.8"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
[2011/06/12 06:45:26 | 000,000,000 | ---D | M] (Veehd Plugin) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}
[2012/12/16 13:58:52 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2013/03/15 12:57:58 | 000,000,000 | ---D | M] (Speed Test Analysis) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/16 13:51:41 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/16 13:55:40 | 000,002,203 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\MyStart Search.xml
[2013/04/11 14:23:34 | 000,000,000 | ---D | M] (Clip Extractor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
O2 - BHO: (Speed Test Analysis) - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Download with YouTube Clip Extractor - {a5837a04-1cda-49e5-80f5-25baef5e6a32} - C:\Program Files\Clip Extractor\ClipExtractor.exe File not found
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
[2011/05/10 02:21:59 | 000,000,160 | ---- | C] () -- C:\ProgramData\~39968504r
[2011/05/10 02:21:58 | 000,000,152 | ---- | C] () -- C:\ProgramData\~39968504
[2011/05/10 02:20:43 | 000,000,336 | ---- | C] () -- C:\ProgramData\39968504
[2011/05/10 00:14:07 | 000,000,336 | ---- | C] () -- C:\ProgramData\44490488
[2010/06/06 15:07:50 | 000,000,613 | ---- | C] () -- C:\Users\Brandley\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2010/04/13 13:21:09 | 000,010,948 | -HS- | C] () -- C:\Users\Brandley\AppData\Local\7SkRgtbX5FlAM
[2010/04/13 13:21:09 | 000,010,948 | -HS- | C] () -- C:\ProgramData\7SkRgtbX5FlAM

:FILES
ipconfig /flushdns /c
C:\Program Files\IB Updater

:COMMANDS
[reboot]


Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

2. Please re-open Posted Image on your desktop. To do that:
  • Vista and 7 users: Right click the icon and click Run as Administrator
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).

When the computer reboots, see if it will boot into normal windows and run normally and run the tools below. If it won't, uninstall the touchpad driver again and when you restart if you get the popup asking you to restart again for the changes to take effect allow it. Then see if Windows will start and run normally.

If it still won't start and run normally, reboot into safe mode and run the tools below.


Step-2.

AdwCleaner by Xplode

Download AdwCleaner from here to your desktop.
Close all open windows and browsers.

  • XP users, double click the adwcleaner.exe file to run AdwCleaner. (Vista and 7 users)right click The adwcleaner.exe, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    Posted Image
  • Click the Search button and wait for the scan to finish.
  • Once done it may ask to reboot, allow this.
  • Do Not delete anything at this point.
  • On reboot a log will be produced please copy/paste that in your next reply. This report is also saved to C:\AdwCleaner[R1].txt


Step-3.

Run OTL again and click the Posted Image button. Post the log it produces in your next reply.


Step-4.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The OTL fixes log
2. Let me know if the system boots into normal windows and runs
3. The Extras.txt log
4. The new OTL.txt log
5. The AdwCleaner[R1].txt log
  • 0

#3
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Thank-you for your quick response and for your help in advance :)
Okay here goes.
First of all I tried running the fix while in normal mode and OTL threw an error:
Cannot create file
C:\users\Brandley\AppData\Roaming\Mozilla\FireFox\Profiles\8w3rm9w.default\prefs.js.
The program hung afterwards at the remove 8080 port line, waited 15 minutes for it to respond then was forced to shut down because it was unresponsive.
Rebooted in safe mode and ran the fix again.
Results:

========== PROCESSES ==========
All processes killed
========== COMMANDS ==========
Error: Unable to interpret <[createrestopepoint]> in the current context!
========== OTL ==========
HKEY_USERS\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7974E3A4-C0F5-4243-9383-D8875DD99076}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7974E3A4-C0F5-4243-9383-D8875DD99076}\ not found.
Registry key HKEY_USERS\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
HKU\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
Prefs.js: "127.0.0.1" removed from network.proxy.ftp
Prefs.js: 8080 removed from network.proxy.ftp_port
Prefs.js: "5.6.7.8" removed from network.proxy.gopher
Prefs.js: 8080 removed from network.proxy.gopher_port
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 8080 removed from network.proxy.http_port
Prefs.js: "localhost,127.0.0.1" removed from network.proxy.no_proxies_on
Prefs.js: "127.0.0.1" removed from network.proxy.socks
Prefs.js: 1080 removed from network.proxy.socks_port
Prefs.js: 8080 removed from network.proxy.ssl_port
Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.keyword.URL
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
File C:\Program Files\MyWebSearch\bar\1.bin not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
File C:\Program Files\IB Updater\Firefox not found.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}\components folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}\chrome\content\id_veehd folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}\chrome\content folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}\chrome folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC} folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]\content\imgs\flgs folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]\content\imgs folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]\content folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected] folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]\chrome\skin folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]\chrome\content\mz folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]\chrome\content folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]\chrome folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected] folder moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected] moved successfully.
C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\MyStart Search.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\[email protected]\skin folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\[email protected]\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\[email protected]\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\[email protected]\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\[email protected]\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\[email protected]\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\[email protected] folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{310D38FE-EB4C-467C-8781-B7C2AEB7847D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{310D38FE-EB4C-467C-8781-B7C2AEB7847D}\ deleted successfully.
C:\Program Files\Speed Test Analysis\ScriptHost.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Sothink SWF Catcher\ deleted successfully.
C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{a5837a04-1cda-49e5-80f5-25baef5e6a32}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5837a04-1cda-49e5-80f5-25baef5e6a32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E19ADC6E-3909-43E4-9A89-B7B676377EE3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E19ADC6E-3909-43E4-9A89-B7B676377EE3}\ deleted successfully.
File C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E19ADC6E-3909-43E4-9A89-B7B676377EE3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E19ADC6E-3909-43E4-9A89-B7B676377EE3}\ not found.
File C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Starting removal of ActiveX control CabBuilder
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\CabBuilder\ not found.
C:\ProgramData\~39968504r moved successfully.
C:\ProgramData\~39968504 moved successfully.
C:\ProgramData\39968504 moved successfully.
C:\ProgramData\44490488 moved successfully.
C:\Users\Brandley\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml moved successfully.
C:\Users\Brandley\AppData\Local\7SkRgtbX5FlAM moved successfully.
C:\ProgramData\7SkRgtbX5FlAM moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Brandley\Desktop\cmd.bat deleted successfully.
C:\Users\Brandley\Desktop\cmd.txt deleted successfully.
File\Folder C:\Program Files\IB Updater not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 05082013_115422

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



On reboot (normal mode) keyboard functional, touchpad quit after login.
Uninstalled touchpad driver. First reboot both keyboard and touchpad work, after clicking popup on second reboot have keyboard but no touchpad.
Proceeded to reboot in Safe, but touchpad still unresponsive. First time it hasn't worked in safe mode. (Using USB wireless mouse in order to carry out directions)
Logs follow.

Extras.txt from 1st scan:

OTL Extras logfile created on: 5/8/2013 12:05:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brandley\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.34% Memory free
4.23 Gb Paging File | 3.68 Gb Available in Paging File | 87.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.08 Gb Total Space | 65.78 Gb Free Space | 29.48% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.10 Gb Free Space | 52.27% Space Free | Partition Type: NTFS

Computer Name: GAYLESLAP | User Name: Brandley | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-313869043-597203798-2405295701-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{038C2AE7-49A8-4F7B-A515-359E1FECB07E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{055A1A61-3C33-4C72-BCAC-40EF484185D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0C7BF8DE-15C5-4C0A-A8EC-C702FF368CAE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0CF8790F-7E7C-4210-8EB8-757B53075736}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1B6F37D2-7DE9-47CD-92C1-4649D71D8D72}" = rport=10243 | protocol=6 | dir=out | app=system |
"{207250CE-A235-4B59-A247-3B40CE97D778}" = rport=139 | protocol=6 | dir=out | app=system |
"{23F418CD-4726-4880-A09B-E7924AE0EC28}" = lport=137 | protocol=17 | dir=in | app=system |
"{2CD0A597-0B61-4492-AB10-6F30F97748A7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{47D21D26-900D-4503-ACAD-7991F82E727F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C0EF976-15A3-4E80-8423-19A70B0E9973}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{51BD9806-3391-4673-AF28-A5C5B30A3282}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{57E27F01-0AAA-4D4F-BC05-91FF46BEB0D9}" = lport=445 | protocol=6 | dir=in | app=system |
"{5A0141A2-FB6D-47CC-A09E-ED3FDEFD6ECF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5E0B3FF9-987D-4E0D-A1E1-40D8F1E7F3BB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{63671C4A-D2C8-4CBE-96D8-E69F30A5C1B6}" = rport=138 | protocol=17 | dir=out | app=system |
"{733E2D69-A44D-4A71-9BAD-74BEF736B466}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C84B89E-7872-48F6-BB6D-10904F1BD8C1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8A1D40B8-3F59-4DA3-BF4C-FDF07BB124F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8E70E978-F51C-4BD2-AC00-934033D0154D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{92A482C4-D861-4628-8E37-1FD1527319A3}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A536B4A5-966C-40BC-94DF-00C03742A9FB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A8356B3D-BE66-4374-9B32-21F8760E0018}" = rport=137 | protocol=17 | dir=out | app=system |
"{AE1A28D7-AD07-44C3-BE5D-140864D2B016}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B3F6A9AD-287D-47CE-AE75-680A98D487E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B6A401E3-703F-489E-8CDB-433529566011}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{B9A8FA70-4BB8-455E-9DD8-AEA0EAA90897}" = lport=139 | protocol=6 | dir=in | app=system |
"{BCE1C725-0992-4C57-8EFC-28645AAF5A2E}" = rport=445 | protocol=6 | dir=out | app=system |
"{BE93AD03-4F58-4880-A278-33CC2F49ECD3}" = lport=138 | protocol=17 | dir=in | app=system |
"{CBB3A368-475F-4D70-8E27-78675C7822B5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CE4E21A4-654A-45B2-AAA2-A16ECC6DDC95}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F815423F-89B0-46E2-9557-4298B70B288D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0258D3B1-1226-4309-AACC-A6549C358E99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0D4559A3-A06F-41E8-AFE3-691C8CE3A0E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1814B692-A5FA-4CBA-A61F-F33A2607F8A6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{22891BB6-1A67-4EAF-A5E9-CDB3D2DA9C23}" = protocol=6 | dir=in | app=c:\program files\sendspace\wizard\sendspace wizard.exe |
"{265A3F4C-B564-4D0C-862E-82B708194217}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{27102979-7A70-43BB-9908-F6AFF52034C3}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftplayer.dll |
"{2E0B39A5-073F-4529-95B0-2E0216A45780}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{34078472-D4FA-4906-8A65-1859E6DC7EE3}" = protocol=17 | dir=in | app=c:\program files\sendspace\wizard\sendspace wizard.exe |
"{35BD8D11-E6F6-47B2-A4F3-80A6D206A652}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\streaming video recorder.exe |
"{37BC3B14-9ADF-404B-A7DB-D270C704AF06}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3C921F5E-2CC2-41F5-8DFC-5A290C381651}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftac.dll |
"{40711D1E-8876-4610-9D4B-9860D7FE34D4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{49B564AA-76D1-4402-BF89-303A7E76AC0E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{54C466D1-EA04-49D0-B657-525FC6BA4D00}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{644A7936-8A14-4139-9FD8-201E58B27576}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{6625E9FB-77E3-44B5-BBAC-F1312AE8B2F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6BC0F33A-524A-4C2C-A419-E46CB6794005}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{6F2E7791-2679-4550-AB87-5F7367D35914}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{705B7B13-636F-481B-A336-1703AF931F68}" = protocol=58 | dir=out | [email protected],-28546 |
"{75A244E0-3494-4817-813F-60B8B7D1BE00}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{75E5409B-F252-41F6-8D44-43BEB8DA3DCA}" = protocol=1 | dir=in | [email protected],-28543 |
"{7A18D0DD-8432-4809-8AA9-C540166F0BAE}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{7B1F2988-8D24-4DBF-8AC3-73C05A5EC0A9}" = protocol=58 | dir=in | [email protected],-28545 |
"{7D2DE810-3A17-4FA3-BA27-B084B91E003D}" = protocol=1 | dir=out | [email protected],-28544 |
"{852DACAF-5C70-4222-B9C5-C9839D3C3D18}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85BD3D46-0ADA-4499-A3F2-0B104E2C8ED0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8C98E882-FB57-42B5-AEB9-69C315907449}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{8D3B6BC2-71B6-4ED0-9E29-94A04EB95B4B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{940E47B4-DBC6-4986-A4D4-AFC151D90331}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A05EDBC9-5187-4C1B-9D17-D893B61BFEE9}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftsrv.dll |
"{A10BB823-B140-406A-B7CD-544D99ABB6C3}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{A24AB2CA-5121-4BED-A366-42690E9FB02F}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"{AAB3D41E-B8CC-4369-91F0-50F874D53B41}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE2E5968-A31C-409B-AFFC-EF8DE8550E95}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{B6E1E3FE-F4A2-40CD-9CF3-4B702182A4F6}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{BC167C4D-C6C6-408C-B2DB-87E7A51B264D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{BF9F9311-979F-4A34-8317-002B1742A195}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C1ADB429-8344-46AA-8933-A58BE8696575}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C1F76493-03EA-46CD-86CE-D6CA6098DC84}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C8129AF8-BA13-4EF3-82A8-C263E3BDEB50}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C9A6B5AC-3B38-49E0-9442-699D0E637340}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CE3F8859-9EC5-4F80-B755-58FE96DD5F08}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"{E40AF638-A289-4D64-AF6C-C522309200F3}" = protocol=6 | dir=out | app=system |
"{E7E3DB0A-8572-4D7E-8242-761241DBFF88}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{EE8ECBDD-255B-4814-B2BE-3B1DCB8E2977}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{EF251687-FC80-4A5F-9419-66C4636E3857}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F4551209-27AF-45D1-B5F3-BD182D63A687}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{F565030B-AF42-4D35-8CD4-38EFBD49F2C5}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftdump.dll |
"{F7F7494E-94FD-4C78-BEDD-33CCA3933933}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{2D8C75E2-247E-4FCE-A512-A5081B236793}C:\users\brandley\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\brandley\appdata\roaming\spotify\spotify.exe |
"TCP Query User{3E139837-8A00-4B21-97BB-14A6E50AC220}C:\program files\amazon\utilities\amazon music importer\amazon music importer.exe" = protocol=6 | dir=in | app=c:\program files\amazon\utilities\amazon music importer\amazon music importer.exe |
"TCP Query User{595F4028-0A3E-4037-81E2-EC262FBA3C64}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe |
"TCP Query User{7F1C0DAD-EBB1-4F3D-966A-F330DC770251}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe |
"TCP Query User{86FA79C4-1434-4E6E-A714-0EB10F2D9386}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{8B20C2F3-77DC-47E0-A20C-C7C44B9CA3A0}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{AA699B09-EEBB-4E12-A3CB-300CF635D74C}C:\users\brandley\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\brandley\appdata\roaming\spotify\spotify.exe |
"TCP Query User{AC6DD145-F4A9-4914-94CF-847ABABD23C1}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{B502BA3F-71F4-495D-8DF5-5025D29FF28F}C:\program files\dap\dap.exe" = protocol=6 | dir=in | app=c:\program files\dap\dap.exe |
"TCP Query User{B62D1E23-E922-4664-8BAC-77E4E5C8BB47}C:\users\brandley\downloads\tiiveni_tv_190111.exe" = protocol=6 | dir=in | app=c:\users\brandley\downloads\tiiveni_tv_190111.exe |
"TCP Query User{BB71AF34-E1A2-4888-99DB-830673661249}C:\program files\dell video chat\dellvideochat.exe" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"TCP Query User{C07FF9CF-9151-487F-ACD9-92F6633239F1}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{F6FD7B19-FAB1-4B6E-A427-37D232CC6DE0}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{0A134494-EC65-42A9-8C46-977A05434640}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{129B1D2A-78FB-468D-B925-904E79F0E2A4}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe |
"UDP Query User{1A46A63A-1256-492E-81F9-3B17AD176EEB}C:\program files\dell video chat\dellvideochat.exe" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"UDP Query User{1BD03980-333F-43E5-9DBB-298F8E82D1E0}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{1E9FDF45-4BD5-42EE-9AC4-0165A650729B}C:\program files\dap\dap.exe" = protocol=17 | dir=in | app=c:\program files\dap\dap.exe |
"UDP Query User{2E917737-C005-4BD5-B268-8189C9F59CB9}C:\users\brandley\downloads\tiiveni_tv_190111.exe" = protocol=17 | dir=in | app=c:\users\brandley\downloads\tiiveni_tv_190111.exe |
"UDP Query User{48A9623F-019E-4C16-80AE-BEDA5EDF2AB5}C:\users\brandley\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\brandley\appdata\roaming\spotify\spotify.exe |
"UDP Query User{49A5ACF0-CA84-4449-8A91-FCAF0CA0EBD1}C:\program files\amazon\utilities\amazon music importer\amazon music importer.exe" = protocol=17 | dir=in | app=c:\program files\amazon\utilities\amazon music importer\amazon music importer.exe |
"UDP Query User{64046048-F5D0-4C96-B943-FB21371ED48C}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{6CB2609E-EE25-4835-AAED-6F63B7501BF5}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe |
"UDP Query User{A5D51BD6-3F34-4DFC-B2F7-2B477CF9F7A1}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{B0426E09-957D-4FCF-9324-C4136122C0F3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{EBBC5B58-6AFB-44C7-9686-717D0644C59D}C:\users\brandley\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\brandley\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{023A5624-E58D-4103-B329-D7F5B7FA4CD5}_is1" = Angry Birds Seasons 2.1.0
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05A677ED-F6EB-C225-0852-C8EDA143F637}" = Catalyst Control Center Core Implementation
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1339C679-8EBD-A264-F51B-8AFF9E5178AB}" = Catalyst Control Center Localization Chinese Standard
"{140BF0D0-E848-405C-9A01-D3256B918B6D}" = AuthenTec Fingerprint System
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{293FE8CE-376E-4F5E-B129-D3A2065F2EA7}" = Amazon Cloud Drive
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1" = Streaming Video Recorder V4.3.0
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33D38429-A417-2939-F2ED-68B02C60524B}" = CCC Help Italian
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{343A1706-26A4-45EA-88CF-37CA172B0F27}" = D1600
"{348982C0-1053-041B-90E9-27E52C5CBAC4}" = Catalyst Control Center Localization Chinese Traditional
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3683198D-D48D-8F78-D544-E0CEEDA9A5AD}" = Catalyst Control Center Localization Norwegian
"{39874C29-6A64-A5E4-15E8-48CAB1630758}" = Catalyst Control Center Graphics Full New
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{497CDC20-F32E-B732-D5A7-C508832901B1}" = Catalyst Control Center Localization Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}" = Catalyst Control Center - Branding
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{4E8B4C51-20A4-A946-F2FD-361E1E64CBFE}" = Catalyst Control Center Localization Dutch
"{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1" = Sothink Movie DVD Maker
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{64595B3D-19A5-420D-B217-775CF395EE04}" = DigitalPersona Fingerprint Software 5.30
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{66E07661-1C3B-EBB3-DDD7-CA2D9CF728E5}" = CCC Help Chinese Standard
"{67192DDF-D12C-7C14-0891-1999A8322D9A}" = ccc-core-static
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{693C5CAC-E43C-4A5F-0793-DB1A91576F00}" = Catalyst Control Center Localization Swedish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6BA2D1B0-0892-AF53-1542-767C1B1B558F}" = CCC Help German
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{706136D4-648C-92B9-FF9E-BDAC45C977CB}" = CCC Help Norwegian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{732784F2-BBB3-AF93-F0F8-2B28D93F023E}" = Catalyst Control Center Localization Finnish
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75554025-5756-D2A8-E12A-3996A174E1AF}" = Catalyst Control Center Localization German
"{759142E8-25B0-42AE-B408-4215065D3F4B}" = Windows Live Family Safety
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7842F022-6597-76DA-4DE4-DA3FBD82ECF2}" = Skins
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A4CE9D2-DC5E-4B5B-0ED2-A2F66E76DD52}" = CCC Help Russian
"{7BE855E5-8130-A624-1C47-D5EB13FA6DF2}" = Catalyst Control Center Graphics Previews Vista
"{7D712AFE-2D7C-13B8-DEB7-BA8A28FED665}" = Catalyst Control Center Localization Danish
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E00AAF2-89F3-F7FC-A8F2-8C651449671E}" = CCC Help English
"{7FC84AD6-D939-41A0-A3DF-FB9B511FF275}_is1" = Sothink SWF Catcher for Internet Explorer
"{828816F4-629A-233E-DB02-A6F8BD004643}" = Catalyst Control Center Localization Portuguese
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90601456-1F28-AD6C-C1CE-740526D3BC27}" = Catalyst Control Center Localization French
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96178C0A-BAF9-4E49-A2A5-CDE76722105B}" = HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6
"{975F5675-8FC8-04A8-92CD-4653BD12282F}" = CCC Help French
"{97900633-AADE-35DC-A424-21380BFC5431}" = Catalyst Control Center Graphics Previews Common
"{98823CC0-51DA-565C-FF90-DCC72D47BD24}" = Amazon Music Importer
"{98C948A6-5498-9DEE-BA4C-74B0A96CB521}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7969E95-7E39-A1AC-2D6F-85531D8A371D}" = CCC Help Japanese
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9C78107-7CBC-B05B-083B-562FA9C1EA0B}" = CCC Help Portuguese
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B8EF780F-126C-4CF0-AAB2-1B68BF06BA1C}" = Motorola Driver Installation 3.7.0
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BB883D70-5B1D-9430-E626-7F495925590D}" = Catalyst Control Center Localization Spanish
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C49E407D-A6A0-6F9A-767D-67387EF5523F}" = CCC Help Finnish
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9B2F671-870B-43A0-8B9D-7DB30CEBD87E}" = DJ_SF_06_D1600_SW_Min
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CBF91610-C661-3464-8831-DA8AE2589DB9}" = Catalyst Control Center Localization Japanese
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D2DB5404-378B-2821-513E-A8F230A0E948}" = ccc-utility
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5D92C28-42FB-5E24-DBFA-07232A50D670}" = CCC Help Dutch
"{D6A0DD73-6EF2-9A8D-6F60-4F338F922B37}" = BBC iPlayer Desktop
"{D9DD6E03-ACE1-2503-205E-4FA74267CDC6}" = CCC Help Spanish
"{DB549485-9D94-E7AE-2FE7-DCB33A54FBD7}" = Catalyst Control Center Localization Russian
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE200E10-45BD-E11E-EC8E-1DAD80EF8EA9}" = Catalyst Control Center Graphics Full Existing
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF19AE8-B330-CF2A-AEAA-1E23BBBC7B00}" = CCC Help Chinese Traditional
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5BE4931-F31C-2BA0-F06E-4FEC56725673}" = CCC Help Swedish
"{EC2C71BB-42DF-6F53-FB23-F7B3B160467B}" = Catalyst Control Center Graphics Light
"{ED0AA855-3250-47F9-AF04-251325649D2C}" = FoxyProxy VPN Utility
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1465B68-4D9A-D412-2528-4F84A681F15C}" = Catalyst Control Center Localization Korean
"{F1E18790-4053-4031-483B-80E932CE3910}" = CCC Help Korean
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"17D5EDB8CF9DBD67DDA7675D6772B06BA5809565" = Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/01/2008 8.0.26.3)
"7-Zip" = 7-Zip 4.65
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"AudibleManager" = AudibleManager
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"CCleaner" = CCleaner
"com.amazon.music.uploader" = Amazon Music Importer
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309)
"Defraggler" = Defraggler
"Dell Video Chat" = Dell Video Chat (remove only)
"Dell Webcam Central" = Dell Webcam Central
"Digsby" = Digsby
"DivX Setup" = DivX Setup
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"ffdshow_is1" = ffdshow [rev 2202] [2008-10-10]
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.7.0 (Standard)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Miro" = Miro
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"P2PFilter" = P2PFilter 3.0.5
"PC-Doctor for Windows" = Dell Support Center
"RarZilla Free Unrar" = RarZilla Free Unrar
"Secunia PSI" = Secunia PSI (3.0.0.6001)
"SendSpaceWizard" = SendSpace Wizard
"SendToKindle" = Amazon Send to Kindle
"Shop for HP Supplies" = Shop for HP Supplies
"Speed Test Analysis" = Speed Test Analysis
"uTorrent" = µTorrent
"uTorrentControl_v2 Toolbar" = uTorrentControl_v2 Toolbar
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-313869043-597203798-2405295701-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/6/2013 3:26:28 AM | Computer Name = GaylesLap | Source = WinMgmt | ID = 10
Description =

Error - 5/6/2013 3:34:51 AM | Computer Name = GaylesLap | Source = WinMgmt | ID = 10
Description =

Error - 5/6/2013 3:50:01 AM | Computer Name = GaylesLap | Source = WinMgmt | ID = 10
Description =

Error - 5/6/2013 6:59:09 AM | Computer Name = GaylesLap | Source = Perflib | ID = 1010
Description =

Error - 5/6/2013 6:59:11 AM | Computer Name = GaylesLap | Source = Perflib | ID = 1008
Description =

Error - 5/7/2013 3:17:00 AM | Computer Name = GaylesLap | Source = WinMgmt | ID = 10
Description =

Error - 5/7/2013 5:56:42 PM | Computer Name = GaylesLap | Source = WinMgmt | ID = 10
Description =

Error - 5/7/2013 6:10:24 PM | Computer Name = GaylesLap | Source = WinMgmt | ID = 10
Description =

Error - 5/8/2013 3:22:29 AM | Computer Name = GaylesLap | Source = WinMgmt | ID = 10
Description =

Error - 5/8/2013 3:49:17 AM | Computer Name = GaylesLap | Source = EventSystem | ID = 4609
Description =

Error - 5/8/2013 3:49:26 AM | Computer Name = GaylesLap | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 3/15/2009 4:15:42 AM | Computer Name = GaylesLap | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/19/2009 9:26:08 PM | Computer Name = GaylesLap | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 6:52:08 PM | Computer Name = GaylesLap | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/2/2009 4:40:51 PM | Computer Name = GaylesLap | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 1/15/2010 2:33:20 PM | Computer Name = GaylesLap | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 6/12/2009 5:50:53 AM | Computer Name = GaylesLap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 13, Application Name: Microsoft Office OneNote, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/12/2010 6:30:32 PM | Computer Name = GaylesLap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/11/2011 5:20:34 AM | Computer Name = GaylesLap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5833
seconds with 3840 seconds of active time. This session ended with a crash.

Error - 2/25/2011 7:52:10 PM | Computer Name = GaylesLap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 39
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/12/2011 3:37:46 AM | Computer Name = GaylesLap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/8/2013 3:37:46 AM | Computer Name = GaylesLap | Source = Service Control Manager | ID = 7043
Description =

Error - 5/8/2013 3:37:46 AM | Computer Name = GaylesLap | Source = DCOM | ID = 10010
Description =

Error - 5/8/2013 3:48:45 AM | Computer Name = GaylesLap | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 5/8/2013 3:49:12 AM | Computer Name = GaylesLap | Source = DCOM | ID = 10005
Description =

Error - 5/8/2013 3:49:17 AM | Computer Name = GaylesLap | Source = DCOM | ID = 10005
Description =

Error - 5/8/2013 3:49:18 AM | Computer Name = GaylesLap | Source = DCOM | ID = 10005
Description =

Error - 5/8/2013 3:49:22 AM | Computer Name = GaylesLap | Source = DCOM | ID = 10005
Description =

Error - 5/8/2013 3:49:23 AM | Computer Name = GaylesLap | Source = DCOM | ID = 10005
Description =

Error - 5/8/2013 3:49:27 AM | Computer Name = GaylesLap | Source = Service Control Manager | ID = 7001
Description =

Error - 5/8/2013 3:49:27 AM | Computer Name = GaylesLap | Source = Service Control Manager | ID = 7026
Description =


< End of report >


New OTL Log:

OTL logfile created on: 5/8/2013 12:31:41 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brandley\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 76.19% Memory free
4.23 Gb Paging File | 3.93 Gb Available in Paging File | 93.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.08 Gb Total Space | 65.97 Gb Free Space | 29.57% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.10 Gb Free Space | 52.27% Space Free | Partition Type: NTFS

Computer Name: GAYLESLAP | User Name: Brandley | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - [2013/04/16 23:32:37 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/11 14:24:04 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/26 06:09:22 | 001,225,312 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/11/26 06:09:20 | 000,659,040 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/05/02 15:26:00 | 000,294,224 | ---- | M] (DigitalPersona, Inc.) [Auto | Stopped] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2009/03/16 19:59:20 | 000,254,042 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe -- (STacSV)
SRV - [2009/03/16 19:59:18 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe -- (AESTFilters)
SRV - [2008/08/16 15:42:34 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Stopped] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 18:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 12:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wdcsam.sys -- (WDC_SAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ivusb.sys -- (ivusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwmodem.sys -- (btwmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwhid.sys -- (btwhid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - [2012/11/20 12:00:58 | 000,027,496 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VirtualAudio.sys -- (WsAudio_Device)
DRV - [2012/10/30 15:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 15:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 15:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 15:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/30 15:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 15:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/08 19:53:56 | 000,026,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2012/03/06 15:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV - [2010/09/08 12:20:01 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010/09/01 00:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/08 10:02:58 | 000,062,496 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009/03/16 19:59:22 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/08 17:06:00 | 000,280,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2009/03/06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/05 19:08:52 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/03/11 06:24:46 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/03/10 22:42:24 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2008/03/10 22:24:46 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/03/10 22:24:44 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/03/10 22:24:42 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/03/10 22:22:44 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/20 18:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/06/18 16:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/03 10:43:28 | 001,131,136 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=2080817
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://my.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8046BD4D-45D6-4CA9-AA1E-D83CFB044571}: "URL" = http://websearch.ask...79-BB6EAB3D2CE0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo"
FF - prefs.js..browser.search..defaultenginename: "Yahoo"
FF - prefs.js..browser.search..order.1: "Yahoo"
FF - prefs.js..browser.search..selectedEngine: "Yahoo"
FF - prefs.js..browser.search..selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: pbupload%40photobucket.com:1.3.3
FF - prefs.js..extensions.enabledAddons: %7BF17C1572-C9EC-4e5c-A542-D05CBB5C5A08%7D:9.7.0.7
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B288479BE-1B9E-11E2-80EA-F3246188709B%7D:1.1
FF - prefs.js..extensions.enabledAddons: tfdlookup%40nohup.in:2.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: speedtestanalysis%40SpeedAnalysis.com:1.0.0.0
FF - prefs.js..extensions.enabledAddons: %7B7473b6bd-4691-4744-a82b-7854eb3d70b6%7D:10.15.0.562
FF - prefs.js..extensions.enabledAddons: %7BBAEBEF65-9289-47c5-8524-C345CC5D860D%7D:1.12
FF - prefs.js..extensions.enabledAddons: button%40youtubeclipextractor.com:2.2.0.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.7.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1367
FF - prefs.js..extensions.enabledItems: {3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}:1.2.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: [email protected]:3.12.2.100009
FF - prefs.js..extensions.enabledItems: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.9
FF - prefs.js..extensions.enabledItems: {b947750f-94cc-4d60-9f68-281d51279131}:3.8.0.8
FF - prefs.js..keyword.URL: "http://fileservehome...02ff&Keywords="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: ""
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: ""
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks: ""
FF - prefs.js..network.proxy.socks_port: ""
FF - prefs.js..network.proxy.ssl_port: ""
FF - prefs.js..network.proxy.type: 0

FF - user.js..keyword.URL: "http://fileservehome...02ff&Keywords="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer: C:\Program Files\NBC Direct\npDirectPlayerMozilla.dll File not found
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/11 20:09:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2012/05/29 17:22:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/12 15:24:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/11 14:24:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/11 14:23:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2011/10/28 19:52:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\firefoxext [2012/05/29 17:22:28 | 000,000,000 | ---D | M]

[2010/01/05 23:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Extensions
[2013/05/08 11:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions
[2010/07/26 01:16:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/22 13:42:52 | 000,000,000 | ---D | M] (Xinha Here!) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{5B280457-4290-40c2-9441-EA647775F824}
[2013/03/26 23:44:39 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013/02/24 01:16:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/04/16 02:32:24 | 000,322,488 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/09/14 07:22:53 | 000,025,950 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:18 | 000,053,364 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:17 | 000,002,716 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{288479BE-1B9E-11E2-80EA-F3246188709B}.xpi
[2013/04/08 00:24:05 | 000,154,271 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi
[2013/02/14 03:19:43 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/01 02:10:58 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/09/21 15:05:03 | 000,002,299 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\askcom.xml
[2011/05/11 15:21:46 | 000,001,213 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\fileserve.xml
[2013/05/08 11:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/12/12 15:24:44 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/10/28 19:52:48 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2012/01/11 20:09:12 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]M
File not found (No name found) -- C:\USERS\BRANDLEY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8W3RM69W.DEFAULT\EXTENSIONS\[email protected]
[2013/04/11 14:24:06 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/19 22:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/11 15:21:45 | 000,001,213 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fileserve.xml
[2013/02/19 14:32:21 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: MyStart Search (Enabled)
CHR - default_search_provider: search_url = http://mystart.incre...6R8OrYjx9x&i=26
CHR - default_search_provider: suggest_url =
CHR - homepage: http://my.msn.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\lib/npdapchrome.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.14.253.3_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\
CHR - Extension: Keep My Opt-Outs = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe\1.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Speed Test Analysis = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0\

O1 HOSTS File: ([2011/05/19 10:47:48 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.112.128.2 204.17.139.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C455C83-8DBA-41B3-A6B2-0A67DB9441EC}: DhcpNameServer = 209.112.128.2 204.17.139.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O24 - Desktop WallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/08 11:37:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/07 23:59:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/04 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/04/15 18:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/04/11 14:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2013/05/08 12:12:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/08 12:06:55 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/08 12:06:55 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/08 11:55:41 | 000,271,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/08 11:47:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013/05/08 11:38:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/08 11:24:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000UA.job
[2013/05/08 11:17:06 | 000,628,743 | ---- | M] () -- C:\Users\Brandley\Desktop\adwcleaner.exe
[2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/07 23:40:29 | 000,036,864 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013/05/07 05:24:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000Core.job
[2013/05/04 02:18:58 | 000,039,936 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2013/05/04 01:47:09 | 000,035,550 | ---- | M] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2013/05/04 01:43:09 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/05/04 01:28:22 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/22 20:37:36 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/22 20:37:36 | 000,109,022 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/20 18:14:32 | 269,029,013 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/04/11 00:20:08 | 000,002,100 | ---- | M] () -- C:\Users\Brandley\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2013/05/08 11:17:01 | 000,628,743 | ---- | C] () -- C:\Users\Brandley\Desktop\adwcleaner.exe
[2013/05/04 01:47:05 | 000,035,550 | ---- | C] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2012/06/06 13:49:33 | 000,049,091 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb2.jpg
[2012/06/06 13:48:35 | 000,045,317 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb.jpg
[2012/06/05 21:10:01 | 000,026,711 | ---- | C] () -- C:\Users\Brandley\P060212_2002.jpg
[2012/06/05 20:56:38 | 068,010,654 | ---- | C] () -- C:\Users\Brandley\LTT-Seattle.zip
[2012/05/11 23:18:06 | 000,000,680 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d9caps.dat
[2012/04/22 12:59:40 | 000,068,071 | ---- | C] () -- C:\Users\Brandley\Your travel document PBORB5362355094.eml
[2011/11/17 18:24:01 | 001,174,083 | ---- | C] () -- C:\Windows\unins000.exe
[2011/11/17 18:24:01 | 000,017,783 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/11 21:42:20 | 000,000,218 | ---- | C] () -- C:\Users\Brandley\.recently-used.xbel
[2011/10/28 19:52:43 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2011/10/28 19:52:43 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2011/09/02 21:38:48 | 000,000,997 | ---- | C] () -- C:\Users\Brandley\index.html
[2011/09/01 22:27:49 | 000,000,118 | ---- | C] () -- C:\Users\Brandley\Cari Man up radio.m3u
[2010/05/24 12:04:56 | 000,000,145 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2009/09/01 15:47:41 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/10/19 04:53:12 | 000,000,552 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d8caps.dat
[2008/10/04 10:30:54 | 000,023,909 | ---- | C] () -- C:\Users\Brandley\AppData\Roaming\UserTile.png
[2008/09/04 16:30:00 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/09/02 18:21:28 | 000,049,664 | ---- | C] () -- C:\Users\Brandley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/29 22:28:08 | 000,008,248 | ---- | C] () -- C:\Users\Brandley\AppData\Local\en.ini

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 09:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008/09/16 02:58:24 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\aAvgApi
[2012/12/18 16:06:47 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Aimersoft Video Converter Ultimate
[2009/10/20 17:20:58 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Amazon
[2009/10/24 14:41:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Any Video Converter
[2013/03/15 12:50:28 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Apowersoft
[2010/12/07 02:52:42 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Ashampoo
[2010/03/22 12:39:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Audacity
[2011/04/28 09:10:11 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG10
[2010/04/24 13:45:09 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG9
[2012/12/17 01:33:30 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2010/08/16 16:18:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Clip Extractor
[2013/03/28 12:59:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\com.amazon.music.uploader
[2009/07/30 11:41:59 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DataCast
[2012/05/29 14:43:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DigitalPersona
[2012/10/20 17:27:16 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\foxyproxy
[2011/11/04 23:59:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\gtk-2.0
[2009/09/16 10:53:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\IDM
[2009/11/21 17:52:17 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\LimeWire
[2011/12/14 02:04:07 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Mobipocket
[2009/09/10 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MPEG Streamclip
[2009/07/05 09:49:26 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MusicNet
[2009/09/16 10:53:13 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\NBC Direct
[2011/11/04 22:45:51 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Participatory Culture Foundation
[2010/12/15 19:17:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCDr
[2012/10/22 17:50:48 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCF-VLC
[2008/10/04 10:30:53 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PeerNetworking
[2011/01/17 21:02:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Philipp Winterberg
[2011/12/19 01:44:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Rovio
[2010/10/19 21:25:08 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SendSpace Wizard
[2013/03/15 12:57:57 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SpeedTestAnalysis
[2013/01/13 15:24:15 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Spotify
[2011/02/13 23:07:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Uniblue
[2013/05/04 01:08:54 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\uTorrent
[2011/12/23 14:47:02 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Visan
[2011/11/11 23:52:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western Digital
[2010/05/24 12:05:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western DigitalTemp
[2011/11/28 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 857 bytes -> C:\Users\Brandley\Your travel document PBORB5362355094.eml:OECustomProperty
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CD060F93
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:553CA6CA
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >


AdwCleaner Log:

# AdwCleaner v2.300 - Logfile created 05/08/2013 at 12:15:58
# Updated 28/04/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Brandley - GAYLESLAP
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Brandley\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\user.js
File Found : C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\Askcom.xml
Folder Found : C:\Program Files\Common Files\Speedbit
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Perion
Folder Found : C:\Program Files\uTorrentControl_v2
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Speedbit
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Brandley\AppData\Local\Conduit
Folder Found : C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Folder Found : C:\Users\Brandley\AppData\Local\PackageAware
Folder Found : C:\Users\Brandley\AppData\LocalLow\AVG Security Toolbar
Folder Found : C:\Users\Brandley\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Brandley\AppData\LocalLow\Conduit
Folder Found : C:\Users\Brandley\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Brandley\AppData\LocalLow\incredibar.com
Folder Found : C:\Users\Brandley\AppData\LocalLow\Kiwee Toolbar
Folder Found : C:\Users\Brandley\AppData\LocalLow\MyWebSearch
Folder Found : C:\Users\Brandley\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\Brandley\AppData\LocalLow\uTorrentControl_v2
Folder Found : C:\Users\Brandley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found : C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\ConduitCommon
Folder Found : C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\CT3220468
Folder Found : C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Folder Found : C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\jetpack
Folder Found : C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\Smartbar
Folder Found : C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\SweetIMToolbarData

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Toolbar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\cacaoweb
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Homepage Protection Service
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl_v2 Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Kiwee Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260E0CC-0F75-462E-88A3-1E05C248BF4C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260E0CC-0F75-462E-88A3-1E05C248BF4C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SpeedBit
Key Found : HKCU\Software\Zugo
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4260E0CC-0F75-462E-88A3-1E05C248BF4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\InstallerControl.InstallerObject
Key Found : HKLM\SOFTWARE\Classes\InstallerControl.InstallerObject.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2320606
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2540548
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Found : HKLM\Software\IB Updater
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0D66491E-44CE-490D-9955-541C1C67FA1D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5736992-BA20-4FDA-8978-3D4B967EC050}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Found : HKLM\Software\SpeedBit
Key Found : HKLM\Software\Tarma Installer
Key Found : HKLM\Software\uTorrentControl_v2
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\prefs.js

Found : user_pref("CT2370974..clientLogIsEnabled", true);
Found : user_pref("CT2370974..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2370974..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2370974.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2370974.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2370974.AppTrackingLastCheckTime", "Tue Nov 29 2011 09:13:15 GMT-0900 (Alaskan Standard[...]
Found : user_pref("CT2370974.CT2370974", "CT2370974");
Found : user_pref("CT2370974.CurrentServerDate", "29-11-2011");
Found : user_pref("CT2370974.DSInstall", false);
Found : user_pref("CT2370974.DialogsAlignMode", "LTR");
Found : user_pref("CT2370974.DialogsGetterLastCheckTime", "Mon Nov 28 2011 17:13:06 GMT-0900 (Alaskan Standa[...]
Found : user_pref("CT2370974.DownloadReferralCookieData", "{\"BannerName\":\"Toolbar_Image_cover1\",\"Banner[...]
Found : user_pref("CT2370974.FirstServerDate", "29-11-2011");
Found : user_pref("CT2370974.FirstTime", true);
Found : user_pref("CT2370974.FirstTimeFF3", true);
Found : user_pref("CT2370974.FixPageNotFoundErrors", false);
Found : user_pref("CT2370974.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2370974.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2370974.HPInstall", false);
Found : user_pref("CT2370974.HasUserGlobalKeys", true);
Found : user_pref("CT2370974.HomePageProtectorEnabled", false);
Found : user_pref("CT2370974.HomepageBeforeUnload", "hxxp://www.google.com/");
Found : user_pref("CT2370974.Initialize", true);
Found : user_pref("CT2370974.InitializeCommonPrefs", true);
Found : user_pref("CT2370974.InstallationAndCookieDataSentCount", 1);
Found : user_pref("CT2370974.InstallationType", "DirectDownload");
Found : user_pref("CT2370974.InstalledDate", "Mon Nov 28 2011 17:13:08 GMT-0900 (Alaskan Standard Time)");
Found : user_pref("CT2370974.IsGrouping", false);
Found : user_pref("CT2370974.IsInitSetupIni", true);
Found : user_pref("CT2370974.IsMulticommunity", false);
Found : user_pref("CT2370974.IsOpenThankYouPage", true);
Found : user_pref("CT2370974.IsOpenUninstallPage", true);
Found : user_pref("CT2370974.IsProtectorsInit", true);
Found : user_pref("CT2370974.LanguagePackLastCheckTime", "Mon Nov 28 2011 17:13:07 GMT-0900 (Alaskan Standar[...]
Found : user_pref("CT2370974.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2370974.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2370974.LastLogin_3.8.0.8", "Mon Nov 28 2011 17:22:47 GMT-0900 (Alaskan Standard Time)"[...]
Found : user_pref("CT2370974.LatestVersion", "3.8.1.0");
Found : user_pref("CT2370974.Locale", "en");
Found : user_pref("CT2370974.MCDetectTooltipHeight", "83");
Found : user_pref("CT2370974.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Found : user_pref("CT2370974.MCDetectTooltipWidth", "295");
Found : user_pref("CT2370974.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2370974.OriginalFirstVersion", "3.8.0.8");
Found : user_pref("CT2370974.SearchCaption", "1TVPC Customized Web Search");
Found : user_pref("CT2370974.SearchEngineBeforeUnload", "Google");
Found : user_pref("CT2370974.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2370974.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT237[...]
Found : user_pref("CT2370974.SearchInNewTabEnabled", true);
Found : user_pref("CT2370974.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2370974.SearchInNewTabLastCheckTime", "Mon Nov 28 2011 17:22:47 GMT-0900 (Alaskan Stand[...]
Found : user_pref("CT2370974.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2370974.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2370974.SearchProtectorEnabled", false);
Found : user_pref("CT2370974.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2370974.SendProtectorDataViaLogin", true);
Found : user_pref("CT2370974.ServiceMapLastCheckTime", "Mon Nov 28 2011 17:12:58 GMT-0900 (Alaskan Standard [...]
Found : user_pref("CT2370974.SettingsLastCheckTime", "Mon Nov 28 2011 17:13:01 GMT-0900 (Alaskan Standard Ti[...]
Found : user_pref("CT2370974.SettingsLastUpdate", "1321423730");
Found : user_pref("CT2370974.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2370974&SearchSource=13");
Found : user_pref("CT2370974.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2370974.ThirdPartyComponentsLastCheck", "Mon Nov 28 2011 17:12:58 GMT-0900 (Alaskan Sta[...]
Found : user_pref("CT2370974.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT2370974.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2370974.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2370974");
Found : user_pref("CT2370974.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2370974.UserID", "UN50182760685988464");
Found : user_pref("CT2370974.ValidationData_Search", 1);
Found : user_pref("CT2370974.ValidationData_Toolbar", 1);
Found : user_pref("CT2370974.WeatherNetwork", "");
Found : user_pref("CT2370974.WeatherPollDate", "Mon Nov 28 2011 17:43:47 GMT-0900 (Alaskan Standard Time)");
Found : user_pref("CT2370974.WeatherUnit", "F");
Found : user_pref("CT2370974.alertChannelId", "765898");
Found : user_pref("CT2370974.components.1000515", false);
Found : user_pref("CT2370974.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2370974.globalFirstTimeInfoLastCheckTime", "Tue Nov 29 2011 09:13:00 GMT-0900 (Alaskan [...]
Found : user_pref("CT2370974.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2370974.initDone", true);
Found : user_pref("CT2370974.isAppTrackingManagerOn", true);
Found : user_pref("CT2370974.myStuffEnabled", true);
Found : user_pref("CT2370974.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2370974.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2370974.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2370974.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2370974.revertSettingsEnabled", false);
Found : user_pref("CT2370974.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2370974.searchProtectorEnableByLogin", true);
Found : user_pref("CT2370974.testingCtid", "");
Found : user_pref("CT2370974.toolbarAppMetaDataLastCheckTime", "Mon Nov 28 2011 17:13:05 GMT-0900 (Alaskan S[...]
Found : user_pref("CT2370974.toolbarContextMenuLastCheckTime", "Mon Nov 28 2011 17:13:07 GMT-0900 (Alaskan S[...]
Found : user_pref("CT2370974.usagesFlag", 2);
Found : user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM1NTg3ODMyMCwidXVpZCI6NzY3OTQwMzI5MDY0NDI4LCJ[...]
Found : user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
Found : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT3220468.FirstTime", "true");
Found : user_pref("CT3220468.FirstTimeFF3", "true");
Found : user_pref("CT3220468.LoginRevertSettingsEnabled", true);
Found : user_pref("CT3220468.RevertSettingsEnabled", true);
Found : user_pref("CT3220468.UserID", "UN29722023548992105");
Found : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT3220468.autoDisableScopes", 14);
Found : user_pref("CT3220468.cb_experience_000.enc", "Mw==");
Found : user_pref("CT3220468.cb_firstuse0100.enc", "MQ==");
Found : user_pref("CT3220468.cbcountry_001.enc", "VVM=");
Found : user_pref("CT3220468.cbfirsttime.enc", "U3VuIERlYyAxNiAyMDEyIDE0OjM1OjA3IEdNVC0wOTAwIChBbGFza2FuIFN0[...]
Found : user_pref("CT3220468.defaultSearch", "false");
Found : user_pref("CT3220468.enableAlerts", "always");
Found : user_pref("CT3220468.enableFix404ByUser", "FALSE");
Found : user_pref("CT3220468.enableSearchFromAddressBar", "false");
Found : user_pref("CT3220468.firstTimeDialogOpened", "true");
Found : user_pref("CT3220468.fixPageNotFoundError", "true");
Found : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
Found : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT3220468.fixUrls", true);
Found : user_pref("CT3220468.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc",[...]
Found : user_pref("CT3220468.installType", "xpe");
Found : user_pref("CT3220468.isCheckedStartAsHidden", true);
Found : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
Found : user_pref("CT3220468.isNewTabEnabled", false);
Found : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Found : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT3220468.lastVersion", "10.15.0.562");
Found : user_pref("CT3220468.migrateAppsAndComponents", true);
Found : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Found : user_pref("CT3220468.openThankYouPage", "true");
Found : user_pref("CT3220468.openUninstallPage", "false");
Found : user_pref("CT3220468.revertSettingsEnabled", "false");
Found : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Found : user_pref("CT3220468.search.searchCount", "0");
Found : user_pref("CT3220468.searchInNewTabEnabled", "false");
Found : user_pref("CT3220468.searchInNewTabEnabledByUser", "false");
Found : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1355700896767");
Found : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1355700896819");
Found : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1355700900720");
Found : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1367999577085");
Found : user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1360190775052");
Found : user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1363289409089");
Found : user_pref("CT3220468.serviceLayer_services_login_10.14.42.7_lastUpdate", "1361743950538");
Found : user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1362778047750");
Found : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1368042755668");
Found : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1355700901042");
Found : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1355700892532");
Found : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1367999576554");
Found : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1355700900912");
Found : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1368006779227");
Found : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1367999577074");
Found : user_pref("CT3220468.settingsINI", true);
Found : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Found : user_pref("CT3220468.showToolbarPermission", "false");
Found : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Found : user_pref("CT3220468.smartbar.Uninstall", "0");
Found : user_pref("CT3220468.smartbar.isHidden", true);
Found : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Found : user_pref("CT3220468.startPage", "userChanged");
Found : user_pref("CT3220468.toolbarBornServerTime", "17-12-2012");
Found : user_pref("CT3220468.toolbarCurrentServerTime", "8-5-2013");
Found : user_pref("CT3220468.toolbarLoginClientTime", "Thu Mar 14 2013 11:29:08 GMT-0800 (Alaskan Daylight T[...]
Found : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/765898/761727/US", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2370974", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2370974",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2370974&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"1d8[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Brandley\\AppData\\Roaming\\Mozilla[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://fileservehome.com/?prt=fileservet[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2370974");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2370974");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2370974");
Found : user_pref("CommunityToolbar.globalUserId", "821d71f5-becf-49ea-8cd3-a6f42b588beb");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Nov 28 2011 17:13:0[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Nov 28 2011 17:13:16 GMT-090[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Nov 28 2011 17:12:59 GMT-0900 (A[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "793a9432-9df1-4c8b-b7b5-b842eb367416");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Found : user_pref("browser.bdtoolbar.orig_keyword_url", "hxxp://search.speedbit.com/searchresults.asp?src=de[...]
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);
Found : user_pref("extensions.incredibar.actvtyRptTime", "1355877624504");
Found : user_pref("extensions.incredibar.admin", false);
Found : user_pref("extensions.incredibar.aflt", "orgnl");
Found : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Found : user_pref("extensions.incredibar.cntry", "US");
Found : user_pref("extensions.incredibar.dfltLng", "EN");
Found : user_pref("extensions.incredibar.dfltSrch", false);
Found : user_pref("extensions.incredibar.dfltlng", "EN");
Found : user_pref("extensions.incredibar.dfltsrch", "false");
Found : user_pref("extensions.incredibar.did", "10658");
Found : user_pref("extensions.incredibar.envrmnt", "production");
Found : user_pref("extensions.incredibar.excTlbr", false);
Found : user_pref("extensions.incredibar.hdrMd5", "EB0B9D5CB823A6F769E4A4E31F5B2031");
Found : user_pref("extensions.incredibar.hmpg", false);
Found : user_pref("extensions.incredibar.hrdid", "6edb0b0a000000000000000000000000");
Found : user_pref("extensions.incredibar.id", "6edb0b0a000000000000000000000000");
Found : user_pref("extensions.incredibar.installerproductid", "26");
Found : user_pref("extensions.incredibar.instlDay", "15690");
Found : user_pref("extensions.incredibar.instlRef", "");
Found : user_pref("extensions.incredibar.instlday", "15690");
Found : user_pref("extensions.incredibar.instlref", "");
Found : user_pref("extensions.incredibar.isDcmntCmplt", true);
Found : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Found : user_pref("extensions.incredibar.keywordurl", "");
Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1412:58:52");
Found : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Found : user_pref("extensions.incredibar.newTab", false);
Found : user_pref("extensions.incredibar.newtab", "false");
Found : user_pref("extensions.incredibar.newtaburl", "");
Found : user_pref("extensions.incredibar.noFFXTlbr", false);
Found : user_pref("extensions.incredibar.ppd", "");
Found : user_pref("extensions.incredibar.prdct", "incredibar");
Found : user_pref("extensions.incredibar.productid", "26");
Found : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Found : user_pref("extensions.incredibar.sg", "none");
Found : user_pref("extensions.incredibar.smplGrp", "none");
Found : user_pref("extensions.incredibar.smplgrp", "none");
Found : user_pref("extensions.incredibar.srch", "");
Found : user_pref("extensions.incredibar.srchprvdr", "");
Found : user_pref("extensions.incredibar.tlbrId", "base");
Found : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8OrYjx9x&loc=IB_T[...]
Found : user_pref("extensions.incredibar.tlbrid", "base");
Found : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6R8OrYjx9x&loc=IB_T[...]
Found : user_pref("extensions.incredibar.upn2", "6R8OrYjx9x");
Found : user_pref("extensions.incredibar.upn2n", "92825583429031963");
Found : user_pref("extensions.incredibar.vrsn", "");
Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1412:58:52");
Found : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnts", "1.5.11.1412:58:52");
Found : user_pref("extensions.incredibar_i.aflt", "orgnl");
Found : user_pref("extensions.incredibar_i.dfltLng", "");
Found : user_pref("extensions.incredibar_i.did", "10658");
Found : user_pref("extensions.incredibar_i.excTlbr", false);
Found : user_pref("extensions.incredibar_i.id", "6edb0b0a000000000000000000000000");
Found : user_pref("extensions.incredibar_i.installerproductid", "26");
Found : user_pref("extensions.incredibar_i.instlDay", "15690");
Found : user_pref("extensions.incredibar_i.instlRef", "");
Found : user_pref("extensions.incredibar_i.ms_url_id", "");
Found : user_pref("extensions.incredibar_i.newTab", false);
Found : user_pref("extensions.incredibar_i.ppd", "");
Found : user_pref("extensions.incredibar_i.prdct", "incredibar");
Found : user_pref("extensions.incredibar_i.productid", "26");
Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar_i.smplGrp", "none");
Found : user_pref("extensions.incredibar_i.tlbrId", "base");
Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8OrYjx9x&loc=IB[...]
Found : user_pref("extensions.incredibar_i.upn2", "6R8OrYjx9x");
Found : user_pref("extensions.incredibar_i.upn2n", "92825583429031963");
Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1412:58:52");
Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Found : user_pref("smartbar.machineId", "+IIUUEN5RYANNGAKLI+KHI4I95QSGM4SZOJXMSCWM7OBS7RYB7IZXORTTBJWVNUJKBT[...]
Found : user_pref("speedbit.dap_installed", true);
Found : user_pref("speedbitvdownloader.auto_search", false);
Found : user_pref("speedbitvdownloader.buttons.highlighter", false);
Found : user_pref("speedbitvdownloader.buttons.showlabels", false);
Found : user_pref("speedbitvdownloader.click_selects_all", true);
Found : user_pref("speedbitvdownloader.ctrl_search", false);
Found : user_pref("speedbitvdownloader.enable_auto_complete", false);
Found : user_pref("speedbitvdownloader.focus_key", false);
Found : user_pref("speedbitvdownloader.search_in_tab", false);
Found : user_pref("speedbitvdownloader.search_on_drag_drop", false);
Found : user_pref("speedbitvdownloader.shift_ctrl_search", false);
Found : user_pref("speedbitvdownloader.shift_search", false);
Found : user_pref("speedbitvdownloader.use_inline_complete", false);
Found : user_pref("speedbitvdownloader.warn_on_form_history", false);
Found : user_pref("speedbitvideodownloader.Var1", "0");
Found : user_pref("speedbitvideodownloader.Var10", "0");
Found : user_pref("speedbitvideodownloader.Var2", "0");
Found : user_pref("speedbitvideodownloader.Var3", "0");
Found : user_pref("speedbitvideodownloader.Var4", "0");
Found : user_pref("speedbitvideodownloader.Var5", "0");
Found : user_pref("speedbitvideodownloader.Var6", "0");
Found : user_pref("speedbitvideodownloader.Var7", "0");
Found : user_pref("speedbitvideodownloader.Var8", "0");
Found : user_pref("speedbitvideodownloader.Var9", "0");
Found : user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "3/13/27/7/110");
Found : user_pref("speedbitvideodownloader.firstlaunch", "0");
Found : user_pref("speedbitvideodownloader.guid", "%7B293266AD-81AB-54CE-631A-58FC49CADD01%7D");
Found : user_pref("speedbitvideodownloader.popupblockedcnt", "4");
Found : user_pref("speedbitvideodownloader.userId", "%12");
Found : user_pref("speedbitvideodownloader_installed_version", "2.2.4");
Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.mode.debug", "false");
Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Found : user_pref("sweetim.toolbar.simapp_id", "{39E66964-A0CD-4EC1-9FC0-42D2EBDE335A}");
Found : user_pref("sweetim.toolbar.version", "1.0.0.10");

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.37] : icon_url = "hxxp://mystart.incredibar.com/mb128/favicon.ico",
Found [l.40] : keyword = "mystart.incredibar.com/mb128",
Found [l.43] : search_url = "hxxp://mystart.incredibar.com/mb128/?loc=IB_DS&search={searchTerms}&a=6R8OrYjx9x&i=26",
Found [l.2452] : urls_to_restore_on_startup = [ "hxxp://mystart.incredibar.com/mb128?a=6R8OrYjx9x&i=26" ]

*************************

AdwCleaner[R1].txt - [34563 octets] - [08/05/2013 12:15:58]

########## EOF - C:\AdwCleaner[R1].txt - [34624 octets] ##########
  • 0

#4
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Two additional bits of info for you.

On startup (both modes on DOS screen) I am getting Error 8602 Aux. device failure.
I hadn't noticed that error before.

On the next reboot into normal mode the touchpad and keyboard both worked until the Dell Touchpad quick lanch icon loaded, which is right after Advast loads. After that I lost both of them. I am sure that has not been the case all along, most times the touchpad quits immediately when Windows loads. Sometimes both keyboard and touchpad, sometimes only the one.
And I thank-you again for your time :)
  • 0

#5
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
The 8602 error code is a mouse error code according to Dell. So you likely got it when you had the external mouse plugged in.

A few of questions.

1. Do you have any external drives or any other hardware like printers etc; connected to the laptop.
2. Do you have the laptop connected to a USB hub?
3. Have you updated any drivers, especially Dell drivers lately?
4. How long have you been using Avast?
5. When did this problem with the touchpad and keyboard start?
6. What had you done just before the problem started?
  • 0

#6
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Yes, I had the wireless mouse connected when I got that error.

No external drives or printers, only the wireless mouse. Laptop is not connected to anything else.
Have not done any driver updates.
Have used Advast Free version for a year now, just renewed the registration but haven't done the 2013 upgrade. Version is 7.0.1474
I'm afraid I can't be real helpful as to when exactly the problem with the keyboard/touchpad began.
I went on vacation for a week and discovered when I returned the laptop would not turn on, the battery was completely dead and not charging.
Ordered a new Dell powercord and made sure I got the right one. After that is when I really noticed the problem but it was intermittent. So it has been within the last week all this really began. The laptop was used on the Guest account while I was away a couple of times but no problems with the touchpad or keyboard were evident. (The guest account has no admin privileges and no changes should have occurred during that time. The user said the computer worked fine and he didn't download or change anything, the only problem he said he had was the wireless wouldn't connect a couple of times.)
So I'm still left scratching my head... I haven't used the Guest account to see if they are still working there, guess I could check that out.

Before the power problem I was occasionally experiencing some blue screen crashes after loading FireFox, this problem also intermittent over the previous month or so - wasn't able to determine what the cause was for certain but I suspect it was Adobe. After I upgraded that problem seemed to disappear, haven't had a blue screen crash all this week... don't think I have had one since the upgrade.
Wish I could be more helpful, but this one really has me stumped.
  • 0

#7
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
I checked the guest account and the same problems occurred right after the Dell Touchpad Icon loaded in the quick launch toolbar.
So... I logged back into my regular user account and used CCleaner to change the Alps permission to load at start up.
Changed this line from Yes -
No HKLM:Run Apoint Alps Electric Co., Ltd. C:\Program Files\DellTPad\Apoint.exe

Rebooted and both keyboard and touchpad continued to work... am able to type this without being in safe mode.
Something corrupt in that .exe?
  • 0

#8
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Thanks for the update. Troubleshooting a hardware problem can be a real pain. It takes patients a some time a little creativity. I saw in the OTL log that you had a couple of CC .reg files meaning that you , or someone , has used CC to clean the registry and I wondered if that could have had anything to do with the issue. But those files were created on May 4th, so I'm guessing that you already had the problem. I also noticed in the OTL file that a bunch of Microsoft driver files are missing.
A word of advice. GTG does not recommend any Registry cleaner. They have never been shown to speed up the system and unless you know exactly what is being removed and what, if anything, that removal could affect in the Registry you can do a lot of harm to your computer.

That said there are a couple of things you can try:

1. Go into CC and enable the Appoint.exe file to load at startup. Then go into Avast and disable it Permanently. Then reboot the system and see if the touchpad and keyboard continue to work when AVAST is disabled. To disable AVAST:

  • Right- click on the avast! icon in system tray.
  • Select avast! shields control and there will be options to disable avast for 10 minutes, 1 hour, until the computer is restarted or permanently.
  • Click Permanently
  • Restart the computer and see if the touchpad and keyboard work with Avast disabled.
2. Now that you are able to boot into normal mode we can go ahead and get the system cleaned and then you can try to reinstall the Alps touchpad software from the the Dell drivers disk.

3. After we get the system cleaned you can update the touchpad driver from the Dell site.

4. If you have a system Restore Point made before the problem started you can revert to that system restore point. We will have to redo the cleaning we have done so far if the system restore point works.

Let me know what you want to do.
  • 0

#9
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Touchpad didn't work prior to login after those changes were made, keyboard was functional.

Thanks for the advice on the reg. cleaner I won't use it any more. In fact, I don't usually use it and can't really remember why I ran it... :wacko:

I have the Dell disks but I have another problem with the DVD Drive. That is an old problem I haven't bothered with since I haven't really had the need for it. Laziness on my part really, I think that is also either driver issue or one of the free burner software products I tried a while back messed with it. I can try the disk but I might have to dl the drivers & software instead... if they are available.

I have system restore points going back to April 8th, that should be before this problem started.
I have the next couple of days off so time to work on this. I'm thinking restore might be the way to go since we are tackling one problem at a time here, even if it does mean starting the clean over.
  • 0

#10
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
OK. Go back into CC and disable Appoint.exe from running at start up. Then boot into normal Windows and if the touchpad and keyboard are working like they did in post #7, make a fresh restore point.

Then open system restore up again and choose a restore point when you think the touchpad and keyboard were working and restore the system to that date. If that doesn't work then undo the restore and choose an earlier restore point.

If you don't know how to create the new restore point or how to restore the computer to an earlier date, let me know.
  • 0

Advertisements


#11
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Haven't been able to get the touchpad to work again since that last step. It is disabled prior to the login screen now.
I have tried all the steps a couple of times now and can only get the keyboard loaded.
I also have the DOS error message back without the wireless mouse plugged in.
Sigh.
Going to proceed with the restore process. I'll be back... hopefully.
:bashhead:
  • 0

#12
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Okay, so the restore process was a bust. But I do have the touchpad and keyboard both working at the moment. Going to create a new restore point now while they are still operable. I downloaded the Alps driver from the Dell site and saved it to the desktop, but I did not install it yet. Will wait to hear from you.
  • 0

#13
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Thanks for the update. Hopefully the system restore point restored functionality to the touchpad and keyboard. If not we will deal with it. But right now, since you restored the computer to an earlier time I need a new OTL.txt log to see what changes were made to the system.


Step-1.

Posted Image OTL Scan

Please re-open Posted Image on the desktop. To do that:
  • Vista /7 users: right click the icon and click Run as Administrator.
Make sure all other windows are closed .
  • You will see a console like the one below:

    Posted Image
  • At the top of the console, click the box beside Scan All Users.
  • Make sure the Output box at the top is set to Standard Output.
  • Click the box beside LOP Check and Purity Check
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
  • When the scan completes, it will open OTL.Txt. This file is saved in the same location as OTL.
  • Please copy the contents of this file and paste it into your reply. To do that:
  • On the .txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
  • Right-click inside the forum post window then click Paste.This will paste the contents of the .txt file in the in the post window.

Step-2.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The new OTL.txt log
  • 0

#14
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
I undid the restore points I tried because it didn't fix the touchpad and I wound up not being able to connect to the internet for some reason. So the computer isn't really restored to an earlier time.
Ran the OTL for you, my version is the same as your screen shot but I don't have the tickbox for the 64bit scan.

OTL Log:

OTL logfile created on: 5/10/2013 10:36:15 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brandley\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.29 Gb Available Physical Memory | 64.63% Memory free
4.23 Gb Paging File | 3.23 Gb Available in Paging File | 76.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.08 Gb Total Space | 66.18 Gb Free Space | 29.67% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.10 Gb Free Space | 52.27% Space Free | Partition Type: NTFS

Computer Name: GAYLESLAP | User Name: Brandley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/26 06:09:22 | 001,225,312 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2012/11/26 06:09:20 | 000,659,040 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2012/10/30 15:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/02 15:26:00 | 000,795,984 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DPAgent.exe
PRC - [2011/05/02 15:26:00 | 000,294,224 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/16 19:59:22 | 000,483,428 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/03/16 19:59:20 | 000,254,042 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe
PRC - [2009/03/16 19:59:18 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
PRC - [2008/08/16 15:42:34 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2008/05/09 13:04:12 | 000,126,976 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2007/10/03 12:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 12:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/07/12 09:43:50 | 000,226,904 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/13 05:10:19 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\86365ae159cb808d52a7e3ba2700ea6c\System.Web.ni.dll
MOD - [2013/02/13 05:07:06 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll
MOD - [2013/01/09 05:05:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 05:04:14 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/09 05:02:34 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/09 04:59:09 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/09 04:58:48 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2008/08/16 15:45:07 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3019.36912__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008/08/16 15:45:07 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3019.36870__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3019.36924__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008/08/16 15:45:07 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3019.37100__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3019.37065__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3019.36904__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008/08/16 15:45:07 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3019.36890__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:06 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3019.37131__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:56 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3019.37072__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:56 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3019.37137__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:56 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3019.37079__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:56 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3019.36884__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3019.37071__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3019.37030__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3019.36936__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3019.37015__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3019.36891__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3019.37092__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:55 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3019.36943__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:55 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3019.36930__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3019.37130__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3019.37129__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3019.36942__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:54 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3019.37023__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008/08/16 15:44:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008/08/16 15:44:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008/08/16 15:44:53 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008/08/16 15:44:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008/08/16 15:44:49 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3019.37122__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008/08/16 15:44:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3019.37147__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008/08/16 15:44:49 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008/08/16 15:44:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008/08/16 15:44:49 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008/08/16 15:44:48 | 001,511,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3019.36878__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008/08/16 15:44:48 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3019.36897__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008/08/16 15:44:48 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008/08/16 15:44:48 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3019.37121__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008/08/16 15:44:48 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008/08/16 15:44:48 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008/08/16 15:44:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008/08/16 15:44:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008/08/16 15:44:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008/08/16 15:44:47 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3019.36863__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008/08/16 15:44:47 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3019.36861__90ba9c70f846762e\APM.Server.dll
MOD - [2008/08/16 15:44:47 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3019.36862__90ba9c70f846762e\AEM.Server.dll
MOD - [2008/08/16 15:44:47 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008/08/16 15:44:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3019.37122__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008/08/16 15:44:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008/08/16 15:44:47 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008/05/04 00:42:20 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - [2013/04/16 23:32:37 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/11 14:24:04 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/26 06:09:22 | 001,225,312 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/11/26 06:09:20 | 000,659,040 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/05/02 15:26:00 | 000,294,224 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2009/03/16 19:59:20 | 000,254,042 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe -- (STacSV)
SRV - [2009/03/16 19:59:18 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe -- (AESTFilters)
SRV - [2008/08/16 15:42:34 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 18:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 12:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wdcsam.sys -- (WDC_SAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ivusb.sys -- (ivusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwmodem.sys -- (btwmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwhid.sys -- (btwhid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - [2012/11/20 12:00:58 | 000,027,496 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VirtualAudio.sys -- (WsAudio_Device)
DRV - [2012/10/30 15:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 15:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 15:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 15:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/30 15:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 15:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/08 19:53:56 | 000,026,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2012/03/06 15:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV - [2010/09/08 12:20:01 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010/09/01 00:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/08 10:02:58 | 000,062,496 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009/03/16 19:59:22 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/08 17:06:00 | 000,280,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2009/03/06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/05 19:08:52 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/03/11 06:24:46 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/03/10 22:42:24 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2008/03/10 22:24:46 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/03/10 22:24:44 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/03/10 22:24:42 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/03/10 22:22:44 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/20 18:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/06/18 16:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/03 10:43:28 | 001,131,136 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=2080817
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://my.msn.com/
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\SearchScopes\{8046BD4D-45D6-4CA9-AA1E-D83CFB044571}: "URL" = http://websearch.ask...79-BB6EAB3D2CE0
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-313869043-597203798-2405295701-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo"
FF - prefs.js..browser.search..defaultenginename: "Yahoo"
FF - prefs.js..browser.search..order.1: "Yahoo"
FF - prefs.js..browser.search..selectedEngine: "Yahoo"
FF - prefs.js..browser.search..selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: pbupload%40photobucket.com:1.3.3
FF - prefs.js..extensions.enabledAddons: %7BF17C1572-C9EC-4e5c-A542-D05CBB5C5A08%7D:9.7.0.7
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B288479BE-1B9E-11E2-80EA-F3246188709B%7D:1.1
FF - prefs.js..extensions.enabledAddons: tfdlookup%40nohup.in:2.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7B7473b6bd-4691-4744-a82b-7854eb3d70b6%7D:10.15.0.562
FF - prefs.js..extensions.enabledAddons: %7BBAEBEF65-9289-47c5-8524-C345CC5D860D%7D:1.12
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.7.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1367
FF - prefs.js..extensions.enabledItems: {3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}:1.2.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: [email protected]:3.12.2.100009
FF - prefs.js..extensions.enabledItems: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.9
FF - prefs.js..extensions.enabledItems: {b947750f-94cc-4d60-9f68-281d51279131}:3.8.0.8
FF - prefs.js..keyword.URL: "http://fileservehome...02ff&Keywords="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: ""
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 0

FF - user.js..keyword.URL: "http://fileservehome...02ff&Keywords="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer: C:\Program Files\NBC Direct\npDirectPlayerMozilla.dll File not found
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/11 20:09:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2012/05/29 17:22:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/12 15:24:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/11 14:24:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/11 14:23:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2011/10/28 19:52:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\firefoxext [2012/05/29 17:22:28 | 000,000,000 | ---D | M]

[2010/01/05 23:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Extensions
[2013/05/10 14:18:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions
[2010/07/26 01:16:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/22 13:42:52 | 000,000,000 | ---D | M] (Xinha Here!) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{5B280457-4290-40c2-9441-EA647775F824}
[2013/03/26 23:44:39 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013/02/24 01:16:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/04/16 02:32:24 | 000,322,488 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/09/14 07:22:53 | 000,025,950 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:18 | 000,053,364 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:17 | 000,002,716 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{288479BE-1B9E-11E2-80EA-F3246188709B}.xpi
[2013/04/08 00:24:05 | 000,154,271 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi
[2013/05/09 01:38:13 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/01 02:10:58 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/09/21 15:05:03 | 000,002,299 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\askcom.xml
[2011/05/11 15:21:46 | 000,001,213 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\fileserve.xml
[2013/05/10 13:24:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/12/12 15:24:44 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/10/28 19:52:48 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2012/01/11 20:09:12 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013/04/11 14:24:06 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/19 22:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/11 15:21:45 | 000,001,213 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fileserve.xml
[2013/02/19 14:32:21 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: MyStart Search (Enabled)
CHR - default_search_provider: search_url = http://mystart.incre...6R8OrYjx9x&i=26
CHR - default_search_provider: suggest_url =
CHR - homepage: http://my.msn.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\lib/npdapchrome.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.14.253.3_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\
CHR - Extension: Keep My Opt-Outs = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe\1.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Speed Test Analysis = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0\

O1 HOSTS File: ([2011/05/19 10:47:48 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-313869043-597203798-2405295701-1000\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-313869043-597203798-2405295701-1000..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-313869043-597203798-2405295701-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.112.128.2 204.17.139.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C455C83-8DBA-41B3-A6B2-0A67DB9441EC}: DhcpNameServer = 209.112.128.2 204.17.139.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O24 - Desktop WallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-313869043-597203798-2405295701-1000\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-313869043-597203798-2405295701-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/08 13:21:52 | 000,000,000 | ---D | C] -- C:\Users\Brandley\Desktop\50813 logs
[2013/05/08 11:37:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/07 23:59:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/04 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java(58)
[2013/05/04 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/05/04 12:54:37 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/05/04 12:54:37 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/05/04 12:54:37 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/04/15 18:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1(185)
[2013/04/15 18:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/04/11 14:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2013/05/10 22:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/10 22:24:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000UA.job
[2013/05/10 21:47:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013/05/10 21:06:37 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/10 21:06:37 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/10 15:34:19 | 004,402,240 | ---- | M] () -- C:\Users\Brandley\Desktop\R191022.exe
[2013/05/10 15:06:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/10 15:06:30 | 2143,281,152 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/10 14:29:01 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/05/10 14:29:00 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/05/10 05:24:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000Core.job
[2013/05/09 00:45:53 | 000,271,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/08 11:17:06 | 000,628,743 | ---- | M] () -- C:\Users\Brandley\Desktop\adwcleaner.exe
[2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/07 23:40:29 | 000,036,864 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013/05/04 02:18:58 | 000,039,936 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2013/05/04 01:47:09 | 000,035,550 | ---- | M] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2013/05/04 01:43:09 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/05/04 01:28:22 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/05/02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/04/22 20:37:36 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/22 20:37:36 | 000,109,022 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/20 18:14:32 | 269,029,013 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/04/16 23:32:37 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/04/16 23:32:36 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/04/11 00:20:08 | 000,002,100 | ---- | M] () -- C:\Users\Brandley\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2013/05/10 15:33:32 | 004,402,240 | ---- | C] () -- C:\Users\Brandley\Desktop\R191022.exe
[2013/05/10 14:29:01 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/05/09 00:40:14 | 2143,281,152 | -HS- | C] () -- C:\hiberfil.sys
[2013/05/08 11:17:01 | 000,628,743 | ---- | C] () -- C:\Users\Brandley\Desktop\adwcleaner.exe
[2013/05/04 01:47:05 | 000,035,550 | ---- | C] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2012/06/06 13:49:33 | 000,049,091 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb2.jpg
[2012/06/06 13:48:35 | 000,045,317 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb.jpg
[2012/06/05 21:10:01 | 000,026,711 | ---- | C] () -- C:\Users\Brandley\P060212_2002.jpg
[2012/06/05 20:56:38 | 068,010,654 | ---- | C] () -- C:\Users\Brandley\LTT-Seattle.zip
[2012/05/11 23:18:06 | 000,000,680 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d9caps.dat
[2012/04/22 12:59:40 | 000,068,071 | ---- | C] () -- C:\Users\Brandley\Your travel document PBORB5362355094.eml
[2011/11/17 18:24:01 | 001,174,083 | ---- | C] () -- C:\Windows\unins000.exe
[2011/11/17 18:24:01 | 000,017,783 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/11 21:42:20 | 000,000,218 | ---- | C] () -- C:\Users\Brandley\.recently-used.xbel
[2011/10/28 19:52:43 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2011/10/28 19:52:43 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2011/09/02 21:38:48 | 000,000,997 | ---- | C] () -- C:\Users\Brandley\index.html
[2011/09/01 22:27:49 | 000,000,118 | ---- | C] () -- C:\Users\Brandley\Cari Man up radio.m3u
[2010/05/24 12:04:56 | 000,000,145 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2009/09/01 15:47:41 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/10/19 04:53:12 | 000,000,552 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d8caps.dat
[2008/10/04 10:30:54 | 000,023,909 | ---- | C] () -- C:\Users\Brandley\AppData\Roaming\UserTile.png
[2008/09/04 16:30:00 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/09/02 18:21:28 | 000,049,664 | ---- | C] () -- C:\Users\Brandley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/29 22:28:08 | 000,008,248 | ---- | C] () -- C:\Users\Brandley\AppData\Local\en.ini

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 09:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008/09/16 02:58:24 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\aAvgApi
[2012/12/18 16:06:47 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Aimersoft Video Converter Ultimate
[2009/10/20 17:20:58 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Amazon
[2009/10/24 14:41:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Any Video Converter
[2013/03/15 12:50:28 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Apowersoft
[2010/12/07 02:52:42 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Ashampoo
[2010/03/22 12:39:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Audacity
[2011/04/28 09:10:11 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG10
[2010/04/24 13:45:09 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG9
[2012/12/17 01:33:30 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2010/08/16 16:18:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Clip Extractor
[2013/03/28 12:59:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\com.amazon.music.uploader
[2009/07/30 11:41:59 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DataCast
[2012/05/29 14:43:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DigitalPersona
[2012/10/20 17:27:16 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\foxyproxy
[2011/11/04 23:59:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\gtk-2.0
[2009/09/16 10:53:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\IDM
[2009/11/21 17:52:17 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\LimeWire
[2011/12/14 02:04:07 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Mobipocket
[2009/09/10 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MPEG Streamclip
[2009/07/05 09:49:26 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MusicNet
[2009/09/16 10:53:13 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\NBC Direct
[2011/11/04 22:45:51 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Participatory Culture Foundation
[2010/12/15 19:17:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCDr
[2012/10/22 17:50:48 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCF-VLC
[2008/10/04 10:30:53 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PeerNetworking
[2011/01/17 21:02:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Philipp Winterberg
[2011/12/19 01:44:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Rovio
[2010/10/19 21:25:08 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SendSpace Wizard
[2013/03/15 12:57:57 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SpeedTestAnalysis
[2013/01/13 15:24:15 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Spotify
[2011/02/13 23:07:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Uniblue
[2013/05/10 14:26:44 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\uTorrent
[2011/12/23 14:47:02 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Visan
[2011/11/11 23:52:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western Digital
[2010/05/24 12:05:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western DigitalTemp
[2011/11/28 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Windows Live Writer
[2012/06/10 19:09:37 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\DigitalPersona
[2013/05/10 14:26:44 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\SendSpace Wizard

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 857 bytes -> C:\Users\Brandley\Your travel document PBORB5362355094.eml:OECustomProperty
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CD060F93
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:553CA6CA
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >
  • 0

#15
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello,

Sorry the restore didn't resolve it. I see the touchpad driver file on the desktop. Please leave it there and we will get to it. I don't see anything else in the OTL log except some browser hijackers and toolbar rubbish. And the AdwCleaner log shows a lot more so we're gonna clean that out and run some additional scans.

You have the following Peer-to-Peer program(s) installed:

uTorrent
uTorrentControl_v2 Toolbar


GeeksToGo does not recommend using such programs, but you should read the description of Peer-to-Peer programs below before deciding for yourself.

Description of Peer-to-Peer (P2P) software.
P2P(Peer-to-Peer) may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. The program(s) may be safe, but there's no way to tell if the file being shared is infected. P2P programs, more often than not, install adware and/or spyware and worse still, some worms spread via P2P networks, infecting you as well.
Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing. We advise removing any P2P programs you have now and avoiding this type of software application. Whether you remove them or not is your decision. But if you decide to keep and use Peer-to-Peer programs I can guarantee that you will be coming back to this forum or another malware forum. If you do choose to keep the program(s), please do not use it / them until the computer is clean and I give the all clear.

All programs, folders and files listed below in this color are optional removals, but if you uninstall the program(s) you must delete the folders and files in the corresponding colors. All programs in black are malware or viruses and must be deleted, along with the corresponding folders and files in black.

Step-1.

Optional Removals

1. Please click the Start Orb Posted Image, click Control Panel. Under the Programs heading click Uninstall a program
1. Please click Start > Control Panel > Add/Remove Programs
2. In the list of programs installed, locate the following program(s):

uTorrent
uTorrentControl_v2 Toolbar


3. (Vista/7 users: Right click each program and click Uninstall
4. After the programs have been uninstalled, close the Installed Programs window and the Control Panel.
5. Reboot the computer.

Delete the folders associated with the uninstalled programs.(Only do this if you uninstalled the program)

1. Using Windows Explorer (to get there right-click your Start button and click "Explore"), please delete the following folders(s) (if present):

C:\Program Files\utorrent
C:\Program Files\uTorrentControl_v2
C:\Users\Brandley\AppData\Roaming\uTorrent

2. Close Windows Explorer.


Step-2.

Re-run AdwCleaner

Close all open windows and browsers.

Re-open AdwCleaner
  • (Vista and 7 users) right click The adwcleaner.exe, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • Click the Delete button and wait for the scan.
    Posted Image
  • Everything that was found will be deleted.
  • When the scan ends, a report appears.
  • Once done it will ask to reboot, allow this

    Posted Image
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner[S1].txt

Step-3.

Run aswMBR
  • Download aswMBR.exe to your desktop.
  • (Windows /7 users: Right click the file and click Run as Administrator. If you get a UAC window, allow the file to run.
  • If it asks you if you want to download the latest virus definitions, click "No"
    Posted Image
  • Click the "Scan" button to start the scan
    Posted Image
  • On completion of the scan click save log. Save it to your desktop and post in your next reply.
    Posted Image
NOTE: When you run aswMBR, if it is shutdown automatically, then it is most likely the infection detecting that aswMBR is running and terminating it. In this situation you should rename the executable (aswMBR.exe) to iexplore.exe and try it again.

Step-4.

Run RogueKiller

  • Download RogueKiller.
  • Click the English Webpage link.
  • Click the 32bits (x86) download link and save the RogueKiller.exe file to the desktop.

    NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
  • Quit all programs and close all browsers.
  • Right click the RogueKiller icon and click Run as Administrator to run the program.
  • Wait until Prescan has finished ...
  • Click on Scan

    Posted Image
  • Wait for the end of the scan.
  • DO NOT delete anything at this time.
  • The report has been created on the desktop.
Please post:
All RKreport.txt text files located on your desktop.
NOTE: If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.


Step-5.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. Let me know what you decided about uTorrent
2. The AdwCleaner[S1].rxr log
3. The aswMBR log
4. The RKreport.txt log
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP