Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Popups and Possible Hijacking [Solved]

Started by ihatelaptop , Feb 15 2014 04:20 PM

  • This topic is locked This topic is locked

#1
ihatelaptop
Posted 15 February 2014 - 04:20 PM

ihatelaptop

    New Member

  • Member
  • Pip
  • 5 posts
Hello!

I believe my computer has been hijacked. I have a lot of popups and I my browser reroutes me to ad sites at random times. Mozilla displays an unwanted sidebar with more ads. I will include some of the URL's. I haven't been to Geeks2Go in a long while. Last time I was here, Malwarebytes was recommended and I got used to it. I ran it and some popups seemed to have stopped but there are still plenty. The active detection tells me some malicious processes are still attempting to run. I'll post OTL logs and I have the Malwarebytes in case you would like to see those. I appreciate your time. Thank you!


A few popup URLs:
http://avcomand.com/...irusremoval.php
http://www.mypcbackup.com/app-signup
http://www.stayathom...nglish-speaking


MalwareBytes alerts to IP addresses:
162.210.192.22
162.210.192.26

Firefox_Screenshot_2014-02-15T21-53-19.569Z.png



OTL Log:


OTL logfile created on: 2/15/2014 1:19:09 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jamie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 45.32% Memory free
7.81 Gb Paging File | 5.46 Gb Available in Paging File | 69.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.50 Gb Total Space | 378.33 Gb Free Space | 83.98% Space Free | Partition Type: NTFS

Computer Name: JAMIE-PC | User Name: Jamie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/15 13:18:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jamie\Desktop\OTL.exe
PRC - [2014/02/06 10:45:57 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/02/06 05:54:13 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
PRC - [2014/01/13 07:27:10 | 000,220,992 | ---- | M] (Examsoft Worldwide Inc.) -- C:\Program Files (x86)\ExamSoft\SofTest 11.0\Examsoft.SoftShield.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/10/04 11:51:57 | 000,123,320 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe
PRC - [2011/02/03 11:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
PRC - [2010/12/25 15:05:54 | 001,716,144 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\widimon\widimon.exe
PRC - [2010/12/20 17:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 17:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/06 10:45:57 | 003,583,600 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/02/06 05:54:13 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/15 16:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/07 12:59:32 | 000,294,328 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2011/04/05 18:38:16 | 000,828,336 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/01/05 12:41:38 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/01/05 12:28:50 | 000,340,240 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/01/05 12:26:56 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/12/24 19:14:38 | 000,526,848 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/12/09 16:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/12/08 14:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/20 13:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/02/06 10:45:57 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/06 05:54:14 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/13 07:27:10 | 000,033,600 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\ExamSoft\SofTest 11.0\Examsoft.ShieldRunner.exe -- (SoftShieldService)
SRV - [2013/10/08 04:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013/10/08 04:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (EraserSvc11312)
SRV - [2013/07/01 09:55:40 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/10/04 11:51:57 | 000,123,320 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/02/03 11:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2010/12/20 17:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 17:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/29 13:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/09/26 19:18:30 | 001,147,480 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/09/26 18:27:54 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/09/26 18:26:03 | 000,858,200 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/25 19:28:00 | 000,590,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/25 18:50:25 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/07/31 19:19:50 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symds64.sys -- (SymDS)
DRV:64bit: - [2013/07/30 20:13:30 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/07/30 19:44:44 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/04/25 11:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/04/04 19:10:14 | 012,262,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 09:11:34 | 000,350,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/02/10 13:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 13:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/24 12:56:00 | 000,100,352 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2011/01/12 16:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/01/04 10:29:00 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/12/25 09:25:54 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/12/02 08:49:08 | 000,315,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010/11/20 19:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 19:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 00:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/12 17:21:52 | 000,097,280 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2009/07/30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 11:25:14 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 15:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/29 15:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 09:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/24 14:36:48 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/06/22 16:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 18:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2014/01/25 07:34:52 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20140214.016\ex64.sys -- (NAVEX15)
DRV - [2014/01/25 07:34:52 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/01/25 07:34:52 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20140214.016\eng64.sys -- (NAVENG)
DRV - [2014/01/24 17:55:04 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20140214.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/12/17 16:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20140121.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/12/05 02:07:38 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {664053CA-39A2-4317-8FEF-95080885FA06}
IE:64bit: - HKLM\..\SearchScopes\{664053CA-39A2-4317-8FEF-95080885FA06}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {C0867A40-0E39-4AC3-8528-94673840C198}
IE - HKLM\..\SearchScopes\{E13719D0-C185-4007-AEE1-CC6CDDDCA254}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweetpack...?barid=&src=10
IE - HKCU\..\URLSearchHook: {5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...B71EFC909&SSPV=
IE - HKCU\..\SearchScopes\{5A3A22BA-9772-4B0F-B179-F7F0C4BB278B}: "URL" = http://search.condui...6762561524&UM=2
IE - HKCU\..\SearchScopes\{A318DCFD-BDBA-4B4C-B0AA-A3D2CFE0866D}: "URL" = http://www.google.co...1I7TSNF_enUS455
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...t=kwd&qsrc=2869
IE - HKCU\..\SearchScopes\{C0867A40-0E39-4AC3-8528-94673840C198}: "URL" = http://search.condui...5481645885&UM=2
IE - HKCU\..\SearchScopes\{E13719D0-C185-4007-AEE1-CC6CDDDCA254}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://mysearch.swee...hTerms}&barid=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Vafmusic6 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledAddons: ext%40VideoPlayerV3beta9816.net:1.1
FF - prefs.js..extensions.enabledAddons: %7B2ecad685-1644-4a6c-a1ca-055e8d6442fb%7D:1.0.0
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.5.3%20-%201
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/08/12 14:05:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\ [2014/02/09 16:43:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF [2013/10/11 06:24:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Better-Surf\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta9816\ff [2014/01/13 07:17:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/08/12 14:05:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/09/15 12:40:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jamie\AppData\Roaming\Mozilla\Extensions
[2014/02/03 22:03:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\extensions
[2014/02/03 22:03:49 | 000,010,272 | ---- | M] () (No name found) -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\extensions\{2ecad685-1644-4a6c-a1ca-055e8d6442fb}.xpi
[2013/09/17 16:32:56 | 000,002,115 | ---- | M] () -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\MyStart Search.xml
[2013/09/15 15:02:24 | 000,002,494 | ---- | M] () -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\safesearch.xml
[2014/02/10 10:45:58 | 000,001,585 | ---- | M] () -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\Sweetpacks Search.xml
[2013/09/15 14:53:19 | 000,001,094 | ---- | M] () -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\sweetpacks-customized-web-search.xml
[2014/02/06 10:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/06 10:45:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/13 07:17:21 | 000,000,000 | ---D | M] (Video Player) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA9816\FF
[2013/10/11 06:24:54 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcflghienkmcnpmekjlacamcmlgkkffj\1.0.0_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddfnpkbmbneeohdilkfjloiegfbpoigh\1.1_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.5.1.4_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: No name found = C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TrustedShopper) - {BBE09607-D9BF-4B2E-88C2-C8D5DF7A7D37} - C:\Program Files (x86)\SqueakyChocolate\TrustedShopper\adxloader64.dll ()
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Vafmusic6 Toolbar) - {5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (TrustedShopper) - {BBE09607-D9BF-4B2E-88C2-C8D5DF7A7D37} - C:\Program Files (x86)\SqueakyChocolate\TrustedShopper\adxloader.dll ()
O2 - BHO: (KeyBar 1.14 Toolbar) - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Vafmusic6 Toolbar) - {5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (KeyBar 1.14 Toolbar) - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vafmusic6 Toolbar) - {5A94BC06-D1EB-4C2B-BAD7-58F33CA4B85C} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 1.14 Toolbar) - {DA51D4F6-3E7E-4EF8-B400-9198E0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe (Toshiba)
O4 - HKLM..\Run: [TOSDCR] C:\Program Files (x86)\Toshiba\PasswordUtility\TOSDCR.exe ()
O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3901736A-3E39-42F0-9710-CA4CC3D349D2}: DhcpNameServer = 10.2.1.32 10.2.2.32
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6823085E-1747-415C-A4CC-A3F87E24A859}: DhcpNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/15 13:18:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jamie\Desktop\OTL.exe
[2014/02/15 12:31:40 | 000,000,000 | ---D | C] -- C:\Users\Jamie\AppData\Roaming\Malwarebytes
[2014/02/15 12:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/15 12:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/15 12:31:01 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/02/15 12:31:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/02/13 16:26:29 | 000,000,000 | ---D | C] -- C:\Users\Jamie\Desktop\Certificate_files
[2014/02/12 21:08:35 | 000,000,000 | ---D | C] -- C:\Users\Jamie\Desktop\ICU 2
[2014/02/12 17:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/02/12 17:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/02/06 10:45:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/01/30 09:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaPlayerV1
[2014/01/25 19:13:16 | 000,000,000 | ---D | C] -- C:\Users\Jamie\AppData\Roaming\SearchProtect
[2014/01/25 19:12:43 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\SearchProtect
[2014/01/19 12:20:19 | 000,000,000 | ---D | C] -- C:\Users\Jamie\Desktop\Research
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/02/15 13:18:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jamie\Desktop\OTL.exe
[2014/02/15 13:03:45 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/15 12:57:39 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/15 12:57:39 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/15 12:54:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/02/15 12:49:26 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/15 12:49:14 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/02/15 12:49:04 | 3145,273,344 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/15 12:31:06 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/13 17:45:11 | 000,778,834 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/02/13 17:45:11 | 000,660,318 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/02/13 17:45:11 | 000,121,214 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/02/13 16:26:31 | 000,031,694 | ---- | M] () -- C:\Users\Jamie\Desktop\Certificate.htm
[2014/02/12 17:56:06 | 000,001,942 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/02/12 17:56:04 | 000,001,942 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/01/30 09:56:14 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/15 12:31:05 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/13 16:26:29 | 000,031,694 | ---- | C] () -- C:\Users\Jamie\Desktop\Certificate.htm
[2014/01/30 09:56:10 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/09/10 17:45:40 | 000,773,050 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/08/12 14:00:11 | 000,197,212 | ---- | C] () -- C:\windows\hpoins30.dat
[2012/08/12 14:00:11 | 000,000,587 | ---- | C] () -- C:\windows\hpomdl30.dat

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/10/26 14:02:00 | 000,000,000 | ---D | M] -- C:\Users\Jamie\AppData\Roaming\Book Place
[2013/05/20 14:38:39 | 000,000,000 | ---D | M] -- C:\Users\Jamie\AppData\Roaming\PCCUStubInstaller
[2014/01/25 19:13:16 | 000,000,000 | ---D | M] -- C:\Users\Jamie\AppData\Roaming\SearchProtect
[2011/12/21 16:27:56 | 000,000,000 | ---D | M] -- C:\Users\Jamie\AppData\Roaming\Tific
[2012/08/11 13:03:25 | 000,000,000 | ---D | M] -- C:\Users\Jamie\AppData\Roaming\Toshiba
[2013/10/04 21:37:28 | 000,000,000 | --http://-D | M] -- C:\Users\Jamie\AppData\Roaming\TrustedShopper
[2011/10/26 13:47:52 | 000,000,000 | ---D | M] -- C:\Users\Jamie\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >


OTL Extras Log:

OTL Extras logfile created on: 2/15/2014 1:19:09 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jamie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 45.32% Memory free
7.81 Gb Paging File | 5.46 Gb Available in Paging File | 69.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.50 Gb Total Space | 378.33 Gb Free Space | 83.98% Space Free | Partition Type: NTFS

Computer Name: JAMIE-PC | User Name: Jamie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18F22A4F-2700-4C65-BCE4-C142F2542626}" = rport=445 | protocol=6 | dir=out | app=system |
"{27BA80BC-55F0-4D30-A2AE-D2EBD089E16F}" = rport=137 | protocol=17 | dir=out | app=system |
"{381A48FA-C875-4A2C-99E1-1713C32D3BE7}" = lport=139 | protocol=6 | dir=in | app=system |
"{418A18C3-39E0-4D90-AE13-008BF8EAAAB5}" = lport=138 | protocol=17 | dir=in | app=system |
"{6842CC01-A863-412C-B77C-703559B5B277}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8471EAF6-D40E-44BD-970E-022E9E1A08C5}" = rport=139 | protocol=6 | dir=out | app=system |
"{9E77C483-0060-442E-A350-3E430989CDD1}" = rport=138 | protocol=17 | dir=out | app=system |
"{BCAF77EA-FCE0-4580-835D-0EEA0AA14CDF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C5A0341F-4649-4A39-BA9B-52A32C7D7AA8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CEAC9A1C-7299-4B52-B595-FB54F2EF0364}" = lport=137 | protocol=17 | dir=in | app=system |
"{CFED9A24-9A9F-495C-8835-CF03FF0FEE12}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{E1A2ED6E-8E0A-48E4-B6F2-1F2E42D8B4FA}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13EEE199-FC9F-4400-83CF-0A1FED7B8A16}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1DA71852-F614-4CD0-9B77-F59E6C8AD531}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{41241DC6-FE00-4BC0-BBBE-4E48E41675B7}" = protocol=58 | dir=out | [email protected],-28546 |
"{48208F00-0836-4197-BE90-2A7208F13556}" = protocol=6 | dir=in | app=c:\users\jamie\appdata\local\temp\imsetup.exe |
"{4AE20028-FC9F-4F07-A2F9-E1A19A2F7993}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{572C1429-E89B-4B32-894E-47B5148E1F60}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{633DC20E-C192-4B96-822E-7749C18DEC9E}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{645EDB6E-2047-4F18-896B-BCF965806A0C}" = protocol=1 | dir=in | [email protected],-28543 |
"{78C04B1A-E479-4699-B659-1FAA85DFA1BF}" = protocol=17 | dir=in | app=c:\users\jamie\appdata\local\temp\imsetup.exe |
"{8159E48E-1A57-4177-AFD6-230DA7B16630}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{89064FFF-1725-41DA-9DEF-CCB37BC98178}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{97F74357-9D4F-4CAD-A374-AA315D864EF4}" = protocol=58 | dir=in | [email protected],-28545 |
"{A3067599-E930-4E27-95EA-4D572E332962}" = protocol=6 | dir=in | app=c:\users\jamie\appdata\local\temp\sweetimsetup_20130903.exe |
"{B15C4BB1-C113-4ACB-989E-890BB62D651C}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{C4DD4A10-C6FD-42E3-9119-B738BC7AC12A}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{CE1DFFD4-9A08-4143-A82C-CE817B67FF86}" = protocol=1 | dir=out | [email protected],-28544 |
"{E35F3460-9D88-45B0-B318-348657769996}" = protocol=17 | dir=in | app=c:\users\jamie\appdata\local\temp\sweetimsetup_20130903.exe |
"{E4DF443C-2FCE-48AE-82FB-16B54D0F8C3E}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{FE0E858B-B3F8-4DD3-B86A-C3D2806E98C8}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series" = Canon MX410 series MP Drivers
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel® PROSet/Wireless WiFi Software
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6FF9A012-0254-41E9-81E2-F538C4B53611}" = TOSHIBA eco Utility
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AA6F009F-0CCD-4DD6-A462-28419C101D54}" = HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}" = WinZip 17.5
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"LemurLeap" = LemurLeap 3.0.0
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MyPC Backup" = MyPC Backup
"ProInst" = Intel PROSet Wireless
"PROSet" = Intel® Network Connections Drivers
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25D37956-9582-4829-8AFF-984C17FF9A29}" = TrustedShopper
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}" = Amazon Links
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3BAD6116-45F1-4F5D-991F-64294D7053CC}" = e-Racer Locked Browser
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}" = TOSHIBA Wireless LAN Indicator
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{617773AE-ADBA-4479-BB04-65FE7758B35C}" = TOSHIBA Wireless Display Monitor
"{626663EE-B9E6-4982-995F-02C31E84F8FC}" = Intel® Wireless Display
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DC11D9A-6DCD-4064-8363-63914A0122AB}" = C4500
"{A0979256-E9CE-41B1-982F-2EFDDDD1BEC5}" = SofTest 11.0
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}" = Toshiba Book Place
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF408B76-8698-4298-B549-5E6A94931B64}" = PS_AIO_04_C4500_Software_Min
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}" = VAFPlayer
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH Media Driver v2.13.17.01
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Cisco Connect" = Cisco Connect
"DMUninstaller" = DMUninstaller
"Google Chrome" = Google Chrome
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Lightspark" = Lightspark 0.5.3-git
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MediaPlayerV1alpha813" = Media Player
"Medical-Surgical Nursing Made Incredibly Easy" = Medical-Surgical Nursing Made Incredibly Easy
"Mozilla Firefox 27.0 (x86 en-US)" = Mozilla Firefox 27.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"NIS" = Norton Internet Security
"NortonPCCheckup" = Toshiba Laptop Checkup
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Video Player" = Video Player
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WsysControl" = Wsys Control 10.2.1.2634
"WTA-0f1289e8-3b57-4eda-a0be-0c5776bb6c08" = Polar Bowler
"WTA-67f5e1ae-32b2-475a-bb5c-fd5941f3e984" = FATE - The Traitor Soul
"WTA-690e0eab-f597-417a-9488-bff0ab4bbc85" = Zuma's Revenge
"WTA-70dede03-4562-420b-8f7b-b7b44b6b4637" = Bejeweled 3
"WTA-7da2f389-b1cd-4172-a8cd-b7a43ff72f00" = Chuzzle Deluxe
"WTA-9ab0babb-4c40-4f37-80a2-cd7814ac8864" = Penguins!
"WTA-b30d674b-2f77-46de-9a39-87594b657269" = Tom Clancy's Splinter Cell
"WTA-c4373b4a-cd00-4f11-be59-e8c3e6da48ec" = Plants vs. Zombies - Game of the Year
"WTA-d60b5f4e-5073-4b7c-b9cc-6f8d8ea69e78" = Jewel Quest: The Sleepless Star - Collector's Edition

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Define Ext" = Define Ext

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/6/2014 10:38:30 AM | Computer Name = Jamie-PC | Source = Toshiba App Place | ID = 0
Description =

Error - 2/6/2014 3:41:17 PM | Computer Name = Jamie-PC | Source = Toshiba App Place | ID = 0
Description =

Error - 2/6/2014 3:41:35 PM | Computer Name = Jamie-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/8/2014 2:53:23 PM | Computer Name = Jamie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: cltmngui.exe, version: 2.9.65.0, time stamp:
0x52ef703f Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp:
0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x00039342 Faulting process id:
0x16bc Faulting application start time: 0x01cf237433d2d8fa Faulting application path:
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe Faulting module path: C:\windows\syswow64\ole32.dll
Report
Id: 48d32d46-90f2-11e3-a984-e89d8742b229

Error - 2/10/2014 2:45:29 PM | Computer Name = Jamie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: deskSvc.exe, version: 1.14.20.8091, time
stamp: 0x52247f8a Faulting module name: ole32.dll, version: 6.1.7601.17514, time
stamp: 0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x00039342 Faulting process
id: 0x518 Faulting application start time: 0x01cf2373519ec694 Faulting application
path: C:\Program Files (x86)\Desk 365\deskSvc.exe Faulting module path: C:\windows\syswow64\ole32.dll
Report
Id: 831f70b9-9283-11e3-a984-e89d8742b229

Error - 2/10/2014 2:45:39 PM | Computer Name = Jamie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: dmwu.exe, version: 4.0.8.8, time stamp:
0x525d0463 Faulting module name: ole32.DLL, version: 6.1.7601.17514, time stamp:
0x4ce7c92c Exception code: 0xc0000096 Fault offset: 0x0000000000182948 Faulting process
id: 0xf30 Faulting application start time: 0x01cf237361cfcd43 Faulting application
path: C:\windows\system32\dmwu.exe Faulting module path: C:\windows\system32\ole32.DLL
Report
Id: 88b1c2cb-9283-11e3-a984-e89d8742b229

Error - 2/10/2014 2:45:39 PM | Computer Name = Jamie-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program dmwu.exe because of this error. Program: dmwu.exe File: The error
value is listed in the Additional Data section. User Action 1. Open the file again.
This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0

Error - 2/13/2014 7:20:24 PM | Computer Name = Jamie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: cltmngui.exe, version: 2.10.20.64, time
stamp: 0x52f38d32 Faulting module name: ole32.dll, version: 6.1.7601.17514, time
stamp: 0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x00039342 Faulting process
id: 0x221c Faulting application start time: 0x01cf28e7e1da2a5b Faulting application
path: C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe Faulting module path: C:\windows\syswow64\ole32.dll
Report
Id: 69bbb79e-9505-11e3-a984-e89d8742b229

Error - 2/15/2014 4:50:10 PM | Computer Name = Jamie-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/15/2014 4:50:38 PM | Computer Name = Jamie-PC | Source = Toshiba App Place | ID = 0
Description =

[ Media Center Events ]
Error - 8/10/2012 1:15:18 AM | Computer Name = Jamie-PC | Source = MCUpdate | ID = 0
Description = 10:15:15 PM - Error connecting to the internet. 10:15:15 PM - Unable
to contact server..

Error - 8/10/2012 10:48:13 PM | Computer Name = Jamie-PC | Source = MCUpdate | ID = 0
Description = 7:48:13 PM - Error connecting to the internet. 7:48:13 PM - Unable
to contact server..

Error - 8/11/2012 4:57:05 PM | Computer Name = Jamie-PC | Source = MCUpdate | ID = 0
Description = 1:57:05 PM - Error connecting to the internet. 1:57:05 PM - Unable
to contact server..

Error - 8/11/2012 7:05:03 PM | Computer Name = Jamie-PC | Source = MCUpdate | ID = 0
Description = 4:05:03 PM - Error connecting to the internet. 4:05:03 PM - Unable
to contact server..

Error - 4/11/2013 5:43:36 PM | Computer Name = Jamie-PC | Source = MCUpdate | ID = 0
Description = 2:37:25 PM - Failed to retrieve Directory (Error: The request was
aborted: The request was canceled.)

Error - 7/11/2013 2:49:12 PM | Computer Name = Jamie-PC | Source = MCUpdate | ID = 0
Description = 11:48:56 AM - Error connecting to the internet. 11:48:56 AM - Unable
to contact server..

[ System Events ]
Error - 4/20/2013 11:05:17 AM | Computer Name = Jamie-PC | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network. The IP address
of the computer that sent the message is in the data. Use nbtstat -n in a command
window to see which name is in the Conflict state.

Error - 4/20/2013 11:13:55 AM | Computer Name = Jamie-PC | Source = bowser | ID = 8003
Description =

Error - 4/20/2013 11:21:52 AM | Computer Name = Jamie-PC | Source = bowser | ID = 8003
Description =

Error - 4/20/2013 11:49:39 AM | Computer Name = Jamie-PC | Source = bowser | ID = 8003
Description =

Error - 4/21/2013 9:29:12 PM | Computer Name = Jamie-PC | Source = Service Control Manager | ID = 7000
Description = The Norton Internet Security service failed to start due to the following
error: %%2

Error - 4/24/2013 8:59:10 AM | Computer Name = Jamie-PC | Source = Service Control Manager | ID = 7023
Description = The Google Update Service (gupdate) service terminated with the following
error: %%-2147467243

Error - 4/24/2013 8:59:10 AM | Computer Name = Jamie-PC | Source = Service Control Manager | ID = 7031
Description = The Google Software Updater service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 900000 milliseconds:
Restart the service.

Error - 4/24/2013 8:59:39 AM | Computer Name = Jamie-PC | Source = DCOM | ID = 10010
Description =

Error - 4/24/2013 8:59:40 AM | Computer Name = Jamie-PC | Source = DCOM | ID = 10010
Description =

Error - 4/26/2013 4:18:23 PM | Computer Name = Jamie-PC | Source = DCOM | ID = 10010
Description =


< End of report >

Edited by ihatelaptop, 15 February 2014 - 04:29 PM.

  • 0

Advertisements

#2
Essexboy
Posted 15 February 2014 - 04:39 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there we have shedloads to remove

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Commands
[CREATERESTOREPOINT]


:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {C0867A40-0E39-4AC3-8528-94673840C198}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweetpack...?barid=&src=10
IE - HKCU\..\URLSearchHook: {5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...B71EFC909&SSPV=
IE - HKCU\..\SearchScopes\{5A3A22BA-9772-4B0F-B179-F7F0C4BB278B}: "URL" = http://search.condui...6762561524&UM=2
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://mysearch.swee...hTerms}&barid=
FF - prefs.js..browser.search.defaultthis.engineName: "Vafmusic6 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3302999&CUI=UN34204856104472129&UM=2&SearchSource=3&q={searchTerms}"
FF - prefs.js..extensions.enabledAddons: ext%40VideoPlayerV3beta9816.net:1.1
FF - prefs.js..extensions.enabledAddons: %7B2ecad685-1644-4a6c-a1ca-055e8d6442fb%7D:1.0.0
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Better-Surf\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta9816\ff [2014/01/13 07:17:21 | 000,000,000 | ---D | M]
[2014/02/03 22:03:49 | 000,010,272 | ---- | M] () (No name found) -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\extensions\{2ecad685-1644-4a6c-a1ca-055e8d6442fb}.xpi
[2013/09/17 16:32:56 | 000,002,115 | ---- | M] () -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\MyStart Search.xml
[2013/09/15 15:02:24 | 000,002,494 | ---- | M] () -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\safesearch.xml
[2014/02/10 10:45:58 | 000,001,585 | ---- | M] () -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\Sweetpacks Search.xml
[2013/09/15 14:53:19 | 000,001,094 | ---- | M] () -- C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\sweetpacks-customized-web-search.xml
[2014/01/13 07:17:21 | 000,000,000 | ---D | M] (Video Player) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA9816\FF
O2:64bit: - BHO: (TrustedShopper) - {BBE09607-D9BF-4B2E-88C2-C8D5DF7A7D37} - C:\Program Files (x86)\SqueakyChocolate\TrustedShopper\adxloader64.dll ()
O2 - BHO: (Vafmusic6 Toolbar) - {5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
O2 - BHO: (TrustedShopper) - {BBE09607-D9BF-4B2E-88C2-C8D5DF7A7D37} - C:\Program Files (x86)\SqueakyChocolate\TrustedShopper\adxloader.dll ()
O2 - BHO: (KeyBar 1.14 Toolbar) - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Vafmusic6 Toolbar) - {5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (KeyBar 1.14 Toolbar) - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Vafmusic6 Toolbar) - {5A94BC06-D1EB-4C2B-BAD7-58F33CA4B85C} - C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 1.14 Toolbar) - {DA51D4F6-3E7E-4EF8-B400-9198E0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [] File not found
O4 - Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - File not found
[2014/01/30 09:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaPlayerV1
[2014/01/25 19:13:16 | 000,000,000 | ---D | C] -- C:\Users\Jamie\AppData\Roaming\SearchProtect
[2014/01/25 19:12:43 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\SearchProtect
[2014/01/25 19:13:16 | 000,000,000 | ---D | M] -- C:\Users\Jamie\AppData\Roaming\SearchProtect
[2013/10/04 21:37:28 | 000,000,000 | --http://-D | M] -- C:\Users\Jamie\AppData\Roaming\TrustedShopper

:Files
 C:\Users\Jamie\AppData\Local\Google
 C:\Program Files (x86)\SqueakyChocolate
C:\Program Files (x86)\KeyBar_1.14

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#3
ihatelaptop
Posted 19 February 2014 - 03:48 AM

ihatelaptop

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Hey there. OK I did everything you said to do in your previous message. Everything was working fine until the adwcleaner finished what it was doing. Now my computer will not connect to my wireless internet like it would before hand. My friend was with me before but had to go back home which is far away so he is not here to help me anymore. I dont know what to do. before he left he "restored" my computer back to before I did the OTL run like you said to do, to see if that would work and it did not. It keeps telling me "the remote device or resource wont accept the connection," and "firefox is configured to use a proxy server that is refusing connections," and the last message said "the device or resource (www.microsoft.com) is not set up to accept connections on port 'the world wide web service (HTTP)." I have also tried hooking up to the ethernet cable and it still will not connect. My router is on and running fine. I am not sure what happened. Do you have any way to help me fix this? thank you so much for your time and help.

I am not sure if this will help but my norton was trying to run a scan and this is what it said:
Norton 360
21.1.0.18
Error: 3039, 65559
Windows 7 Home Premium
7601.18247.amd64fre.win7sp1_gdr.130828-1532
Norton Autofix Results: 4 item(s)
Internet Connectivity :: Failed
Installation :: Failed
LiveUpdate :: Failed - Server Not Found
AntiVirus Definitions :: Failed - Server Not Found

Edited by ihatelaptop, 19 February 2014 - 03:51 AM.

  • 0

#4
Essexboy
Posted 19 February 2014 - 07:42 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK first we will check the net connections then could you post the AdwCleaner log so that I can see what it did

Please download MiniToolBox, save it to your desktop and run it.
[img width=337 height=425]https://dl.dropbox.com/u/73555776/minitoolbox.JPG[/img]
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • 0

#5
ihatelaptop
Posted 20 February 2014 - 02:14 PM

ihatelaptop

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Ok my internet started working like 24 hours later. Idk what was wrong but it started working again so i redid everything from the OTL and adwcleaner that you wanted me to do. here is the log from OTL:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c}\ deleted successfully.
C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{da51d4f6-3e7e-4ef8-b400-9198e0874606} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da51d4f6-3e7e-4ef8-b400-9198e0874606}\ deleted successfully.
C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c}\ not found.
File C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{da51d4f6-3e7e-4ef8-b400-9198e0874606} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da51d4f6-3e7e-4ef8-b400-9198e0874606}\ not found.
File C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5A3A22BA-9772-4B0F-B179-F7F0C4BB278B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A3A22BA-9772-4B0F-B179-F7F0C4BB278B}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "Vafmusic6 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.condui...={searchTerms}" removed from browser.search.defaulturl
Prefs.js: ext%40VideoPlayerV3beta9816.net:1.1 removed from extensions.enabledAddons
Prefs.js: %7B2ecad685-1644-4a6c-a1ca-055e8d6442fb%7D:1.0.0 removed from extensions.enabledAddons
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
File C:\Program Files (x86)\Better-Surf\ff not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta9816\ff\chrome\content folder moved successfully.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta9816\ff\chrome folder moved successfully.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta9816\ff folder moved successfully.
File C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\extensions\{2ecad685-1644-4a6c-a1ca-055e8d6442fb}.xpi not found.
File C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\MyStart Search.xml not found.
C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\safesearch.xml moved successfully.
File C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\Sweetpacks Search.xml not found.
File C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\searchplugins\sweetpacks-customized-web-search.xml not found.
Folder C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA9816\FF\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBE09607-D9BF-4B2E-88C2-C8D5DF7A7D37}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBE09607-D9BF-4B2E-88C2-C8D5DF7A7D37}\ deleted successfully.
C:\Program Files (x86)\SqueakyChocolate\TrustedShopper\adxloader64.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c}\ not found.
File C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBE09607-D9BF-4B2E-88C2-C8D5DF7A7D37}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBE09607-D9BF-4B2E-88C2-C8D5DF7A7D37}\ deleted successfully.
C:\Program Files (x86)\SqueakyChocolate\TrustedShopper\adxloader.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da51d4f6-3e7e-4ef8-b400-9198e0874606}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da51d4f6-3e7e-4ef8-b400-9198e0874606}\ not found.
File C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a94bc06-d1eb-4c2b-bad7-58f33ca4b85c}\ not found.
File C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{da51d4f6-3e7e-4ef8-b400-9198e0874606} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da51d4f6-3e7e-4ef8-b400-9198e0874606}\ not found.
File C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5A94BC06-D1EB-4C2B-BAD7-58F33CA4B85C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A94BC06-D1EB-4C2B-BAD7-58F33CA4B85C}\ not found.
File C:\Program Files (x86)\Vafmusic6\prxtbVafm.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DA51D4F6-3E7E-4EF8-B400-9198E0874606} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA51D4F6-3E7E-4EF8-B400-9198E0874606}\ not found.
File C:\Program Files (x86)\KeyBar_1.14\prxtbKeyB.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk moved successfully.
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll deleted successfully.
Folder C:\Program Files (x86)\MediaPlayerV1\ not found.
Folder C:\Users\Jamie\AppData\Roaming\SearchProtect\ not found.
Folder C:\windows\SysWow64\SearchProtect\ not found.
Folder C:\Users\Jamie\AppData\Roaming\SearchProtect\ not found.
C:\Users\Jamie\AppData\Roaming\TrustedShopper folder moved successfully.
========== FILES ==========
C:\Users\Jamie\AppData\Local\Google\Toolbar DNS data folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Toolbar Cache\7.5.4805.320\en folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Toolbar Cache\7.5.4805.320 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Toolbar Cache folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Toolbar folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Custom Buttons\Enterprise folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Custom Buttons folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\CrashReports folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\npffmjkglbnioaoncpfmdbmehnbcldfh folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Session Storage folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nfnglnjhhbjjkfggljifgnmdgpecgjmp folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jlnfdbbladgcmhhamgkioifhbobjaoof folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dnmlhhbehhdmajijfenoldcajelckpmn folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\i18n folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\sl folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\lib folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\core folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\wa folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\ui\menu\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\ui\menu folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\ui\gf\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\ui\gf folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\ui\dlg folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\ui folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\sp\spsd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\sp\spbd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\sp\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\sp folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\options\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\options\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\options folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\msd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\api folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\ac\res folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\ac folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\aboutBox\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al\aboutBox folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb\al folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\tb folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\Search\plugins folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\Search\NewTabPages\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\Search\NewTabPages\img folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\Search\NewTabPages\API folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\Search\NewTabPages folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\Search\html folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\Search folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\plugins folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\js\toolbarAPI folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\js\lib folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.20.1.508_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\sl folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\lib folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\core folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\wa folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\ui\menu\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\ui\menu folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\ui\gf\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\ui\gf folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\ui\dlg folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\ui folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\sp\spsd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\sp\spbd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\sp\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\sp folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\options\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\options\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\options folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\msd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\api folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\ac\res folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\ac folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\aboutBox\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al\aboutBox folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb\al folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\tb folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\Search\plugins folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\Search\NewTabPages\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\Search\NewTabPages\img folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\Search\NewTabPages\API folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\Search\NewTabPages folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\Search\html folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\Search folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\plugins folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\js\toolbarAPI folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\js\lib folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp\10.19.2.5_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnglnjhhbjjkfggljifgnmdgpecgjmp folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0\RedirectPages folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.5.1.4_0\RedirectPages folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.5.1.4_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\sl folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\lib folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\core folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\wa folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\ui\menu\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\ui\menu folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\ui\gf\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\ui\gf folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\ui\dlg folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\ui folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\sp\spsd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\sp\spbd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\sp\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\sp folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\options\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\options\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\options folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\msd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\api folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\ac\res folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\ac folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\aboutBox\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al\aboutBox folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb\al folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\tb folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\Search\plugins folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\Search\NewTabPages\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\Search\NewTabPages\img folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\Search\NewTabPages\API folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\Search\NewTabPages folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\Search\html folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\Search folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\plugins folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\js\toolbarAPI folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\js\lib folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.20.1.508_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\sl folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\lib folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\core folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\wa folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\ui\menu\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\ui\menu folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\ui\gf\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\ui\gf folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\ui\dlg folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\ui folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\sp\spsd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\sp\spbd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\sp\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\sp folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\options\js\resources folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\options\js folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\options folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\msd folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\api folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\ac\res folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al\ac folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb\al folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0\tb folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn\10.19.2.5_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmlhhbehhdmajijfenoldcajelckpmn folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddfnpkbmbneeohdilkfjloiegfbpoigh\1.1_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddfnpkbmbneeohdilkfjloiegfbpoigh folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcflghienkmcnpmekjlacamcmlgkkffj\1.0.0_0 folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcflghienkmcnpmekjlacamcmlgkkffj folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extension State folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extension Rules folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome\User Data folder moved successfully.
C:\Users\Jamie\AppData\Local\Google\Chrome folder moved successfully.
C:\Users\Jamie\AppData\Local\Google folder moved successfully.
C:\Program Files (x86)\SqueakyChocolate\TrustedShopper folder moved successfully.
C:\Program Files (x86)\SqueakyChocolate folder moved successfully.
C:\Program Files (x86)\KeyBar_1.14 folder moved successfully.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 53632 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jamie
->Temp folder emptied: 2560893 bytes
->Temporary Internet Files folder emptied: 3041434 bytes
->FireFox cache emptied: 18624636 bytes
->Flash cache emptied: 54210 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1846644 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 4174 bytes

Total Files Cleaned = 25.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02202014_114538

Files\Folders moved on Reboot...
File move failed. C:\Users\Jamie\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File\Folder C:\Users\Jamie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\D969FA08.jpeg not found!
File move failed. C:\Users\Jamie\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



And here is the log from the Adwcleaner:

# AdwCleaner v3.019 - Report created 18/02/2014 at 18:02:59
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jamie - JAMIE-PC
# Running from : C:\Users\Jamie\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

# AdwCleaner v3.019 - Report created 20/02/2014 at 12:06:34
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jamie - JAMIE-PC
# Running from : C:\Users\Jamie\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : BackupStack

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\VideoPlayerV3
Folder Deleted : C:\Program Files (x86)\Vafmusic6
Folder Deleted : C:\windows\SysWOW64\ARFC
Folder Deleted : C:\windows\SysWOW64\jmdp
Folder Deleted : C:\windows\System32\ljkb
Folder Deleted : C:\Users\Jamie\AppData\Local\DefineExt
Folder Deleted : C:\Users\Jamie\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Jamie\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jamie\AppData\LocalLow\KeyBar_1.14
Folder Deleted : C:\Users\Jamie\AppData\LocalLow\Vafmusic6
Folder Deleted : C:\Users\Jamie\AppData\Roaming\pccustubinstaller
Folder Deleted : C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
File Deleted : C:\windows\System32\dmwu.exe
File Deleted : C:\windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\invalidprefs.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Deleted : C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\user.js
File Deleted : C:\windows\System32\Tasks\Desk 365 RunAsStdUser

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3291327
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3302999
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7A4CC00F-474B-4E6C-9B78-EF07E28BF8C2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63FBA139-A84F-43A8-94BA-AE36682FB1B6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA51D4F6-3E7E-4EF8-B400-9198E0874606}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7A4CC00F-474B-4E6C-9B78-EF07E28BF8C2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5A94BC06-D1EB-4C2B-BAD7-58F33CA4B85C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{63FBA139-A84F-43A8-94BA-AE36682FB1B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DA51D4F6-3E7E-4EF8-B400-9198E0874606}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5A94BC06-D1EB-4C2B-BAD7-58F33CA4B85C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7A4CC00F-474B-4E6C-9B78-EF07E28BF8C2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63FBA139-A84F-43A8-94BA-AE36682FB1B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7FD5476-FE6A-4785-BC91-095BC6B44881}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34D1F26E-6594-477D-AD0B-D690111B4A51}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A498F39C-3D85-4513-ACFF-CB3D86B8EA27}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{381A7E6C-0E7C-4A83-8F0D-AB8127EA9D11}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\tuguu sl
Key Deleted : HKCU\Software\KeyBar_1.14
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\KeyBar_1.14
Key Deleted : HKCU\Software\AppDataLow\Software\Vafmusic6
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\KeyBar_1.14
Key Deleted : HKLM\Software\Vafmusic6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\wnlt
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : HKLM\Software\Classes\Installer\Features\0C776EBEBCBCFBE408892EE7B12517FC
Key Deleted : HKLM\Software\Classes\Installer\Products\0C776EBEBCBCFBE408892EE7B12517FC

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\9bgj6nv9.default\prefs.js ]

Line Deleted : user_pref("CT3291327_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1379285586950,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3302999_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1379286122005,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3310511_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1379285587042,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3310511&octid=CT3310511&SearchSource=61&CUI=UN26788563773152630&UM=2&UP=SP55C60AAA-3509-42EB-84BC-BA2B71EFC909");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3291327&SearchSource=2&CUI=UN26223303574762216&UM=2&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3310511");
Line Deleted : user_pref("smartbar.machineId", "OPSQTHOQNEXUPVWPWH6KWZGQJ4S2CVP92SWP/NM3WAU9EVLQEPMSD6AFCQ/SZWE1KFNILLR4WLOU3WEO/J3Y0G");

*************************

AdwCleaner[R0].txt - [19155 octets] - [18/02/2014 18:02:18]
AdwCleaner[R1].txt - [10387 octets] - [18/02/2014 18:31:20]
AdwCleaner[S0].txt - [8706 octets] - [18/02/2014 18:02:59]
AdwCleaner[S1].txt - [10295 octets] - [18/02/2014 18:32:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8827 octets] ##########


So far it looks like my computer is running great again. Thank you so much for your time and your help. I reallllly appreciate it!!!! :)
  • 0

#6
Essexboy
Posted 20 February 2014 - 02:18 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK now a scan for orphans I feel. Let me know of any problems on completion

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Attach the entire report in your next reply.
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
  • 0

#7
ihatelaptop
Posted 20 February 2014 - 09:48 PM

ihatelaptop

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
I ran that scan and it never said anything about restarting my computer, and that there was nothing to be removed. here is the log entry:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Jamie :: JAMIE-PC [administrator]

Protection: Enabled

2/20/2014 7:39:39 PM
mbam-log-2014-02-20 (19-39-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212413
Time elapsed: 5 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#8
Essexboy
Posted 21 February 2014 - 06:56 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is all working well now ? Any problems
  • 0

#9
ihatelaptop
Posted 21 February 2014 - 12:43 PM

ihatelaptop

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Yep seems to be working like normal. I have not noticed any problems. Again thank you so much :)
  • 0

#10
Essexboy
Posted 21 February 2014 - 12:51 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
In that case methinks I will send you on your merry way :)

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

Posted Image


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

Posted Image

Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#11
Essexboy
Posted 22 February 2014 - 01:41 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP