Computer Running Slowly

Post by knowlze » September 15th, 2012, 6:10 am

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Domsfriend at 22:08:10 on 2012-09-15
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.64.1033.18.4094.2112 [GMT 12:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Folding@HomeCPU\1\Fah.exe
C:\Folding@HomeCPU\2\Fah.exe
C:\Folding@HomeCPU\3\Fah.exe
C:\Folding@HomeCPU\4\Fah.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Folding@HomeCPU\1\FahCore_a4.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Folding@HomeCPU\2\FahCore_a4.exe
C:\Folding@HomeCPU\3\FahCore_a4.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Windows\System32\tgbstarter.exe
C:\Program Files (x86)\Tunngle\TnglCtrl.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Folding@HomeCPU\4\FahCore_a4.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\Domsfriend\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Domsfriend\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Akamai NetSession Interface] "C:\Users\Domsfriend\AppData\Local\Akamai\netsession_win.exe"
uRun: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
uRun: [Facebook Update] "C:\Users\Domsfriend\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/stati ... 0.66.2.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{87FE5EC8-E1BB-4BBE-AE1A-A6661AE14C0F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B49F06C4-4DA9-40B2-BD37-361797E674FF} : DhcpNameServer = 178.32.51.4 76.73.18.50
TCP: Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759} : NameServer = 208.67.222.222
TCP: Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759}\2545141303235375D2839313336373 : NameServer = 208.67.222.222
TCP: Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759}\2545141303235375D2839313336373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E9A12D39-CC55-4AE8-8E37-5D3E00A2D5F8} : DhcpNameServer = 178.32.51.4 76.73.18.50
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\SysWow64\DreamScene.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
IE-X64: {A0EF4604-467A-424C-B942-E17D28BD78D9} - C:\Microgaming\Casino\YukonGold\casinogame.exe
STS-X64: Windows DreamScene: {E31004D1-A431-41B8-826F-E902F9D95C81} - %SystemRoot%\SysWow64\DreamScene.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&app ... 06&sr=0&q=
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 ndistgb;TheGreenBow NDIS filter driver;C:\Windows\system32\DRIVERS\ndistgb.sys --> C:\Windows\system32\DRIVERS\ndistgb.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 20992]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 Folding@home-CPU-[1];Folding@home-CPU-[1];C:\Folding@HomeCPU\1\Fah.exe -svcstart -d "C:\Folding@HomeCPU\1" --> C:\Folding@HomeCPU\1\Fah.exe -svcstart -d C:\Folding@HomeCPU\1 [?]
R2 Folding@home-CPU-[2];Folding@home-CPU-[2];C:\Folding@HomeCPU\2\Fah.exe -svcstart -d "C:\Folding@HomeCPU\2" --> C:\Folding@HomeCPU\2\Fah.exe -svcstart -d C:\Folding@HomeCPU\2 [?]
R2 Folding@home-CPU-[3];Folding@home-CPU-[3];C:\Folding@HomeCPU\3\Fah.exe -svcstart -d "C:\Folding@HomeCPU\3" --> C:\Folding@HomeCPU\3\Fah.exe -svcstart -d C:\Folding@HomeCPU\3 [?]
R2 Folding@home-CPU-[4];Folding@home-CPU-[4];C:\Folding@HomeCPU\4\Fah.exe -svcstart -d "C:\Folding@HomeCPU\4" --> C:\Folding@HomeCPU\4\Fah.exe -svcstart -d C:\Folding@HomeCPU\4 [?]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-5-25 1262400]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-8-31 2358656]
R2 TgbIke Starter;TgbIke Starter;C:\Windows\System32\tgbstarter.exe --> C:\Windows\System32\tgbstarter.exe [?]
R2 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-10-5 745832]
R3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\system32\DRIVERS\tap0901t.sys --> C:\Windows\system32\DRIVERS\tap0901t.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-8 250056]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
S3 WatAdminSvc;WatAdminSvc;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-09-15 06:26:25 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A06287A4-5031-406F-9117-4A60E630B432}\offreg.dll
2012-09-11 03:31:19 -------- d-----w- C:\_OTL
2012-09-10 09:19:16 -------- d-sh--w- C:\$RECYCLE.BIN
2012-09-10 08:56:34 98816 ----a-w- C:\Windows\sed.exe
2012-09-10 08:56:34 518144 ----a-w- C:\Windows\SWREG.exe
2012-09-10 08:56:34 256000 ----a-w- C:\Windows\PEV.exe
2012-09-10 08:56:34 208896 ----a-w- C:\Windows\MBR.exe
2012-09-08 08:13:04 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-09-08 04:25:33 -------- d-----r- C:\Program Files (x86)\Skype
2012-09-08 03:22:11 -------- d-----w- C:\FRST
2012-09-07 10:23:16 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Facebook
2012-09-01 06:34:44 2388992 ----a-w- C:\Windows\explorer_edit_w7sbc.exe
2012-09-01 06:34:44 2388992 ----a-w- C:\Windows\explorer_backup_w7sbc.exe
2012-09-01 06:34:44 -------- d-----w- C:\Windows\W7SBC
2012-09-01 06:28:27 2755072 ----a-w- C:\Windows\SysWow64\themeui.dll.backup
2012-09-01 06:28:26 245760 ----a-w- C:\Windows\SysWow64\uxtheme.dll.backup
2012-09-01 06:28:26 1842688 ----a-w- C:\Windows\System32\ExplorerFrame_backup_wti.dll
2012-09-01 06:28:26 15181312 ----a-w- C:\Windows\System32\shell32_backup_wti.dll
2012-09-01 06:28:25 898560 ----a-w- C:\Windows\System32\OobeFldr_backup_wti.dll
2012-09-01 06:28:25 3208192 ----a-w- C:\Windows\explorer_backup_wti.exe
2012-09-01 06:28:23 151608 ----a-w- C:\Windows\UTP.exe
2012-09-01 06:16:53 -------- d-----w- C:\Program Files\Theme Resource Changer
2012-08-31 10:06:09 -------- d-----w- C:\Program Files (x86)\HUD RED
2012-08-31 09:47:53 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Korbin_Bickel
2012-08-31 09:47:08 -------- d-----w- C:\Program Files (x86)\Theme Manager
2012-08-31 09:40:23 44544 ----a-w- C:\Windows\System32\themeservice.dll.backup
2012-08-31 09:40:21 2851328 ----a-w- C:\Windows\System32\themeui.dll.backup
2012-08-31 09:40:18 332288 ----a-w- C:\Windows\System32\uxtheme.dll.backup
2012-08-31 00:32:21 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-08-27 06:55:20 -------- d-----w- C:\Users\Domsfriend\AppData\Local\NBGI
2012-08-25 22:56:53 -------- d-----w- C:\Program Files (x86)\PrivitizeVPN
2012-08-22 10:22:09 -------- d-----w- C:\Ubisoft
2012-08-22 10:20:10 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Apps
2012-08-22 10:20:09 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Deployment
.
==================== Find3M ====================
.
2012-09-07 23:55:37 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-09-07 23:55:37 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-09-01 06:28:27 2755072 ----a-w- C:\Windows\SysWow64\themeui.dll
2012-09-01 06:28:26 245760 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2012-08-31 09:40:23 44544 ----a-w- C:\Windows\System32\themeservice.dll
2012-08-31 09:40:21 2851328 ----a-w- C:\Windows\System32\themeui.dll
2012-08-31 09:40:19 332288 ----a-w- C:\Windows\System32\uxtheme.dll
2012-08-28 09:37:11 281120 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-08-21 09:13:13 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-08-21 09:13:12 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-21 09:13:12 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-08-21 09:12:33 41224 ----a-w- C:\Windows\avastSS.scr
2012-08-15 11:02:59 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 11:02:59 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-18 04:38:03 2048 ----a-w- C:\Windows\SysWow64\winver.exe
2012-07-18 04:38:02 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2012-07-18 04:37:59 410624 ----a-w- C:\Windows\SysWow64\systemcpl.dll
2012-07-18 04:37:56 1536 ----a-w- C:\Windows\SysWow64\sppcomapi.dll
2012-07-18 04:37:54 113543 ----a-w- C:\Windows\SysWow64\slmgr.vbs
2012-07-18 04:37:54 113543 ----a-w- C:\Windows\System32\slmgr.vbs
2012-06-28 08:23:50 476976 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-06-28 08:23:46 472880 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-29 08:31:50 3993600 ----a-w- C:\Program Files (x86)\GUT7D7E.tmp
2012-04-04 08:24:43 11986 ----a-w- C:\Program Files (x86)\layout.bin
2012-04-04 08:21:44 587200 ----a-w- C:\Program Files (x86)\ISSetup.dll
2012-04-03 05:58:08 3146312 ----a-w- C:\Program Files (x86)\pbsvc_blr.exe
2012-02-22 11:12:54 8525240 ----a-w- C:\Program Files (x86)\Blacklight Retribution.exe
2012-02-20 06:59:36 125892 ----a-w- C:\Program Files (x86)\config.bin
2011-09-21 03:42:24 4216840 ----a-w- C:\Program Files (x86)\vcredist_x86.exe
2011-03-29 23:40:34 517976 ----a-w- C:\Program Files (x86)\DXSETUP.exe
2011-03-29 23:40:32 95576 ----a-w- C:\Program Files (x86)\DSETUP.dll
2011-03-29 23:40:32 1566040 ----a-w- C:\Program Files (x86)\dsetup32.dll
.
============= FINISH: 22:08:50.10 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/02/2011 7:02:42 p.m.
System Uptime: 15/09/2012 6:25:53 p.m. (4 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M4A78LT-M-LE
Processor: AMD Phenom(tm) II X4 955 Processor | AM3 | 3200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 351.351 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is CDROM ()
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Device ID: PCI\VEN_1969&DEV_1063&SUBSYS_83FE1043&REV_C0\4&1441FE03&0&0030
Manufacturer: Atheros
Name: Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
PNP Device ID: PCI\VEN_1969&DEV_1063&SUBSYS_83FE1043&REV_C0\4&1441FE03&0&0030
Service: L1C
.
==== System Restore Points ===================
.
RP328: 11/09/2012 3:31:37 p.m. - OTL Restore Point - 11/09/2012 3:31:30 p.m.
RP329: 11/09/2012 3:42:22 p.m. - OTL Restore Point - 11/09/2012 3:42:16 p.m.
RP330: 11/09/2012 9:15:24 p.m. - Removed J2SE Runtime Environment 5.0 Update 5
RP331: 11/09/2012 9:16:46 p.m. - Removed Java(TM) 6 Update 33
RP332: 11/09/2012 9:18:54 p.m. - Removed IObit Toolbar v6.2.
RP333: 11/09/2012 10:51:30 p.m. - OTL Restore Point - 11/09/2012 10:51:26 p.m.
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
杀出重围3人类革命
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Content Viewer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader 9.5.2
Adobe Story
Adobe Widget Browser
Akamai NetSession Interface
Akamai NetSession Interface Service
Aliens vs. Predator
Amazon Kindle
Any to Icon
APB Reloaded
Apple Application Support
Apple Software Update
ArcaniA - Gothic 4 Patch
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Audiosurf
avast! Free Antivirus
AVIConverter 2.1
AVS Update Manager 1.0
AVS Video Converter 7
AVS4YOU Software Navigator 1.4
Babylon toolbar on IE
BabylonObjectInstaller
Battlefield 3™
Battlefield Play4Free
Battlelog Web Plugins
Blacklight Retribution
Chief Architect Premier X3
Combat Arms
DAEMON Tools Lite
DAEMON Tools Toolbar
Dark Souls
Dawn of War - Soulstorm
DeskScapes
Desktop Icon Position Saver (64-bit)
DivX Setup
DOOM II: Hell on Earth
Dxtory version 2.0.118
Endless Space
EPU-4 Engine
ESN Sonar
Facebook Video Calling 1.2.0.159
Fallout Mod Manager 0.13.21
FFOLKES 2142 Unlocks mod v1.01
FLV Downloader
Game Booster 3
Ghost Recon Future Soldier
Google Chrome
Heavy Weapon Deluxe
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
JDownloader
Jewel Quest
LogMeIn Hamachi
Lost Planet 2
Magic ISO Maker v5.5 (build 0281)
Majesty 2: The Fantasy Kingdom Sim
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Design 4
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Studio 4
Microsoft Expression Web 4
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Minecraft Beta Cracked
MinecraftCrack
Mount&Blade
Mount&Blade Warband
Mozilla Firefox 7.0.1 (x86 en-US)
NBA 2K12
Nexon Game Manager
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Oblivion
OpenAL
Opera 12.02
OPERATION7
Orcs Must Die
Orcs Must Die!
Origin
PassGen
Platform
PowerISO
PrivitizeVPN
PunkBuster Services
PxMergeModule
QuickTime
RAR Password Recovery v1.1 RC16 (remove only)
Rockstar Games Social Club
Savage 2 - A Tortured Soul
SearchCore for Browsers
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SHIFT 2 UNLEASHED™
Skype Click to Call
Skype™ 5.10
Sleeping Dogs version 1.4
Star Wars: The Old Republic
Steam
Super Monday Night Combat
System Requirements Lab
TeamViewer 6
TES Construction Set
The Witcher 2
TheGreenBow IPSec VPN Client
Theme Manager
Torus
Tune Sweeper
Tunngle beta
Ubisoft Game Launcher
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
VC80CRTRedist - 8.0.50727.6195
VIA Platform Device Manager
ViewSonic Monitor Drivers
Vikingr 0.84
VLC media player 1.1.11
WinRAR 4.00 (32-bit)
WolfTeam
WPF Toolkit February 2010 (Version 3.5.50211.1)
Xfire (remove only)
YourFileDownloader
YouTube Downloader 3.5
YTD Toolbar v6.2
Yukon Gold
.
==== Event Viewer Messages From Past Week ========
.
9/09/2012 8:37:37 p.m., Error: Ntfs [137] - The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code.
9/09/2012 8:37:37 p.m., Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.
9/09/2012 8:37:11 p.m., Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.3 with the system having network hardware address 00-A1-B0-EB-D0-8F. Network operations on this system may be disrupted as a result.
9/09/2012 4:25:09 p.m., Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
8/09/2012 6:18:53 a.m., Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied.
8/09/2012 3:27:21 p.m., Error: Service Control Manager [7038] - The WerSvc service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
8/09/2012 12:56:53 a.m., Error: Ntfs [137] - The default transaction resource manager on volume J: encountered a non-retryable error and could not start. The data contains the error code.
15/09/2012 9:32:26 p.m., Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {88F5E7B2-09B9-471E-895A-25247585905C} and APPID Unavailable to the user LINCOLN-PC\UpdatusUser SID (S-1-5-21-3630749389-2258371352-599158283-1004) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
15/09/2012 6:26:21 p.m., Error: Service Control Manager [7023] - The IP Helper service terminated with the following error: The specified module could not be found.
11/09/2012 10:50:20 p.m., Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).
11/09/2012 10:15:17 p.m., Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
11/09/2012 10:14:42 p.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TunngleService service to connect.
11/09/2012 10:14:42 p.m., Error: Service Control Manager [7000] - The TunngleService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/09/2012 9:25:43 p.m., Error: Service Control Manager [7022] - The Windows Update service hung on starting.
10/09/2012 9:22:56 p.m., Error: Service Control Manager [7022] - The NVIDIA Update Service Daemon service hung on starting.
10/09/2012 9:18:46 p.m., Error: Service Control Manager [7034] - The Folding@home-CPU-[4] service terminated unexpectedly. It has done this 1 time(s).
10/09/2012 9:18:46 p.m., Error: Service Control Manager [7034] - The Folding@home-CPU-[3] service terminated unexpectedly. It has done this 1 time(s).
10/09/2012 9:18:46 p.m., Error: Service Control Manager [7034] - The Folding@home-CPU-[2] service terminated unexpectedly. It has done this 1 time(s).
10/09/2012 9:18:46 p.m., Error: Service Control Manager [7034] - The Folding@home-CPU-[1] service terminated unexpectedly. It has done this 1 time(s).
10/09/2012 9:18:31 p.m., Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
10/09/2012 9:16:29 p.m., Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/09/2012 9:16:28 p.m., Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
10/09/2012 9:10:28 p.m., Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/09/2012 8:55:38 p.m., Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
10/09/2012 8:55:37 p.m., Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
10/09/2012 8:52:59 p.m., Error: Service Control Manager [7000] - The UrlFilter service failed to start due to the following error: There are no more endpoints available from the endpoint mapper.
10/09/2012 8:52:23 p.m., Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
10/09/2012 8:52:23 p.m., Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
10/09/2012 8:50:48 p.m., Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
10/09/2012 8:50:43 p.m., Error: Service Control Manager [7001] - The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.
10/09/2012 8:50:39 p.m., Error: Service Control Manager [7000] - The Base Filtering Engine service failed to start due to the following error: Access is denied.
10/09/2012 4:41:31 p.m., Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
.
==== End Of File ===========================
knowlze
Member+
 
Posts: 37
Joined: September 8th, 2012, 9:08 pm

Re: Computer Running Slowly

Post by Cypher » September 18th, 2012, 12:10 pm

Hi and welcome back to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not solve other issues you have with your machine.
If you no longer require help, I would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread; do not start another. Please continue responding until I give you the "All Clean".
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.



Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


  • Right-click SystemLook.exe and select "Run as administrator" to run it.
  • Copy and paste the content of the following codebox into the main textfield:
    :filefind
    *Searchqu*
    *Babylon*
    
    :folderfind
    *Searchqu*
    *Babylon*
    
    :Regfind
    Searchqu
    Babylon
    
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Computer Running Slowly

Post by knowlze » September 18th, 2012, 6:34 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 10:30 on 19/09/2012 by Domsfriend
Administrator - Elevation successful

========== filefind ==========

Searching for "*Searchqu*"
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.searchquotes.com%2Ffavicon.png --a---- 589 bytes [13:55 18/08/2012] [13:55 18/08/2012] 5F32D061C08C568AB6EBDFD4414AF7CB
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\www.searchquotes.com.idx --a---- 94 bytes [13:55 18/08/2012] [13:55 18/08/2012] 599217F5335E0E903C90C0B14947B3D7
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll --a---- 449424 bytes [09:14 19/09/2011] [09:14 19/09/2011] 39ECB144372B2ED7B1B91A1E63D3F275
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll --a---- 88976 bytes [09:14 19/09/2011] [09:14 19/09/2011] AD14E447F7CED4CA987B91B379EAF952

Searching for "*Babylon*"
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\BabylonTB.xpi --a---- 48639 bytes [01:24 06/05/2012] [10:36 06/12/2011] 9C755237A70E9AE8047EA9D2A08D5B9B
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll --a---- 330240 bytes [15:05 02/08/2011] [15:05 02/08/2011] 0D3C94D4405B18DD0F5FA45C2F1E6E47
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll --a---- 539648 bytes [15:04 02/08/2011] [15:04 02/08/2011] 9E333A83F65F010BAE4B958E71775C15
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe --a---- 347648 bytes [15:06 02/08/2011] [15:06 02/08/2011] 1EABCD6054C6E728E8DA3F2321FC29D3
C:\Program Files (x86)\BestGameEver\Audiosurf\engine\AudiosurfHC\101949923 - Congorock - Babylon.mp3.ash --a---- 33588 bytes [07:50 21/03/2012] [07:50 21/03/2012] F1807F46B6A1832F9FC60CE2E865E565
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fimg.babylon.com%2Fsite%2Fimages%2Fbabylon-8%2Fcommon%2Fimages%2Ffavicon.png --a---- 1028 bytes [23:27 20/04/2012] [23:27 20/04/2012] 0BD43713A08B2DCCEA64E9A40FCAB258
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\www.babylon.com.idx --a---- 529 bytes [23:27 20/04/2012] [23:33 20/04/2012] 2A9EBC1E8FB374CDCA759AB1227185AA
C:\Users\Domsfriend\Desktop\Music\Music\23 - Congorock - Babylon.mp3 --a---- 6243849 bytes [22:12 11/12/2011] [22:39 11/12/2011] 4A5BA04BE6C9E82ED756D146D7BDE97F
C:\Users\Domsfriend\Desktop\Music\Music\All Songs\David Gray - Babylon.mp3 --a---- 4253709 bytes [10:37 05/07/2011] [04:52 17/06/2007] F8A8FF90317D5A1156A13C0214E59FE2
C:\Users\Domsfriend\Desktop\Music\Music\Top Songs\APB\23 - Congorock - Babylon.mp3 --a---- 6243849 bytes [06:04 12/12/2011] [22:39 11/12/2011] 4A5BA04BE6C9E82ED756D146D7BDE97F
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\babylon_logo.png --a---- 3577 bytes [09:14 19/09/2011] [09:14 19/09/2011] 30FF3A31EDC0442F934F703C26B9F572
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll --a---- 237680 bytes [12:23 14/08/2011] [12:23 14/08/2011] 034C197E79D7233BD04BFAC1710CB988
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll --a---- 270960 bytes [12:24 14/08/2011] [12:24 14/08/2011] C471B1EEF9DF1C55B5261006CE04E11F
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\babylon.css --a---- 2981 bytes [09:26 27/09/2011] [09:26 27/09/2011] DAD261AA3C9200A10529A26CC9A63285
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\babylon.xul --a---- 10941 bytes [12:34 20/11/2011] [12:34 20/11/2011] 97BF7CBF63DFFEEC117A1A7F788D71DA
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js --a---- 814 bytes [01:23 06/05/2012] [06:45 27/05/2012] 3F245C585EBABA47E17D90AD05B9AF6A
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml --a---- 2355 bytes [01:23 06/05/2012] [06:45 27/05/2012] 77FA08B277C34F85E742D68AF97BFA6D
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png --a---- 3577 bytes [09:14 19/09/2011] [09:14 19/09/2011] 30FF3A31EDC0442F934F703C26B9F572
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Local\Babylon\Setup\Babylon.dat --a---- 12848 bytes [22:56 25/08/2012] [14:03 01/04/2012] ADBB6A655AE518830BA1AFEFDB84668F
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx --a---- 86029 bytes [05:57 21/05/2012] [05:57 21/05/2012] 0638018613E94AAFC6FA6FFF996BB8AC

========== folderfind ==========

Searching for "*Searchqu*"
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\LocalLow\searchquband d------ [09:57 28/10/2011]
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\LocalLow\searchqutoolbar d------ [06:06 08/10/2011]
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\searchqutoolbar d------ [06:06 08/10/2011]

Searching for "*Babylon*"
C:\Program Files (x86)\Babylon d------ [23:30 20/04/2012]
C:\Program Files (x86)\BabylonToolbar d------ [01:24 06/05/2012]
C:\Program Files (x86)\Babylon\Babylon-Pro d------ [23:30 20/04/2012]
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar d------ [01:24 06/05/2012]
C:\ProgramData\Babylon d------ [01:23 06/05/2012]
C:\Users\All Users\Babylon d------ [01:23 06/05/2012]
C:\Users\Domsfriend\AppData\LocalLow\BabylonToolbar d------ [07:59 07/05/2012]
C:\Users\Domsfriend\AppData\LocalLow\BabylonToolbar\BabylonToolbar d------ [07:59 07/05/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar d------ [10:50 11/09/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar\BabylonToolbar d------ [10:50 11/09/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com d------ [01:23 06/05/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Local\Babylon d------ [22:56 25/08/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Roaming\Babylon d------ [01:23 06/05/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Roaming\BabylonToolbar d------ [06:45 27/05/2012]

========== Regfind ==========

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"

Searching for "Babylon"
[HKEY_CURRENT_USER\Software\BabylonToolbar]
[HKEY_CURRENT_USER\Software\BabylonToolbar\BabylonToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Babylon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\BabylonHelper.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}]
@="BabylonHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd\CurVer]
@="Babylon.dskBnd.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc\CurVer]
@="esrv.BabylonESrvc.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193]
"ProductName"="BabylonObjectInstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}]
@="IBabylonIEBho"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}]
@="IBabylonFF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll\2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\LocalServer32]
@=""C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\ProgID]
@="esrv.BabylonESrvc.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\VersionIndependentProgID]
@="esrv.BabylonESrvc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}]
@="babylonToolbar.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\InprocServer32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}\InprocServer32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}\InprocServer32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}\InprocServer32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\BabylonHelper.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}]
@="BabylonHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll\2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\Shared\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\CR\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\FF\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\IE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7]
"3192AA38321C641458DBDAF83979D193"="01:\Software\Microsoft\Babylon\BabylonChromeToolbar1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52]
"3192AA38321C641458DBDAF83979D193"="01:\Software\Microsoft\Babylon\BabylonIEToolbar1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7]
"3192AA38321C641458DBDAF83979D193"="01:\Software\Microsoft\Babylon\BabylonChromeToolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA]
"3192AA38321C641458DBDAF83979D193"="01:\Software\Microsoft\Babylon\BabylonFFToolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35]
"3192AA38321C641458DBDAF83979D193"="01:\Software\Microsoft\Babylon\BabylonIEToolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7]
"3192AA38321C641458DBDAF83979D193"="01:\Software\Microsoft\Babylon\BabylonToolbar1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890]
"3192AA38321C641458DBDAF83979D193"="01:\Software\Microsoft\Babylon\BabylonFFToolbar1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282]
"3192AA38321C641458DBDAF83979D193"="01:\Software\Microsoft\Babylon\BabylonToolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193\InstallProperties]
"Publisher"="Babylon Ltd"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193\InstallProperties]
"DisplayName"="BabylonObjectInstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon\Babylon Client]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
"NT_URL"="http://search.babylon.com/?affID=112555&tt=3412_3&babsrc=NT_def"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
"TB_URL"="http://search.babylon.com/?q={searchTerms}&affID=112555&tt=3412_3&babsrc=TB_def&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
"HP_URL"="http://search.babylon.com/home?affID=112555&tt=3412_3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
"SP_NAME"="Search the web (Babylon)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
"SP_URL"="http://search.babylon.com/?q={searchTerms}&affID=112555&tt=3412_3&babsrc=SP_def&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\Instl]
"InstallDir"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb]
"path"="C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.babylon.com/?affID=112555&tt=220512_53all&babsrc=NT_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}]
"AppName"="BabylonToolbarsrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}]
"AppPath"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar]
"DisplayName"="Babylon toolbar on IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar]
"UninstallString"=""C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}]
"Publisher"="Babylon Ltd"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}]
"DisplayName"="BabylonObjectInstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\LocalServer32]
@=""C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\ProgID]
@="esrv.BabylonESrvc.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\VersionIndependentProgID]
@="esrv.BabylonESrvc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}]
@="babylonToolbar.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\InprocServer32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}\InprocServer32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}\InprocServer32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}\InprocServer32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\BabylonHelper.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}]
@="BabylonHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll\2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR]
@="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BabylonToolbar]
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BabylonToolbar\BabylonToolbar]
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Babylon]

-= EOF =-
knowlze
Member+
 
Posts: 37
Joined: September 8th, 2012, 9:08 pm

Re: Computer Running Slowly

Post by Cypher » September 19th, 2012, 5:30 am

Hi knowlze,

Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the Open text box, copy/paste appwiz.cpl then click OK.
  • Uninstall the following if present.
Babylon toolbar on IE
BabylonObjectInstaller

Next.

Please download OTL by Old Timer and save it to your Desktop.

  • Right-click OTL.exe and select "Run as administrator" to run it.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    :commands
    [createrestorepoint]
    
    :processes
    killallprocesses
    
    :reg
    [-HKEY_CURRENT_USER\Software\BabylonToolbar]
    [-HKEY_CURRENT_USER\Software\BabylonToolbar\BabylonToolbar]
    [-HKEY_CURRENT_USER\Software\Microsoft\Babylon]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\BabylonHelper.EXE]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd\CurVer]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd.1]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc\CurVer]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc.1]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\LocalServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\ProgID]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\VersionIndependentProgID]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\InprocServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}\InprocServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}\InprocServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}\InprocServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\BabylonHelper.EXE]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\Shared\"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\CR\"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\\FF\"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\Users\Domsfriend\AppData\Roaming\BabylonToolbar\IE\"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193\InstallProperties]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193\InstallProperties]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon\Babylon Client]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\Instl]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
    "Tabs"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASAPI32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASMANCS]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\LocalServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\ProgID]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\VersionIndependentProgID]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\InprocServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}\InprocServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}\InprocServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}\InprocServer32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\BabylonHelper.EXE]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\HELPDIR]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR]
    [-HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BabylonToolbar]
    [-HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BabylonToolbar\BabylonToolbar]
    [-HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Babylon]
    
    :files
    C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\BabylonTB.xpi
    C:\Program Files (x86)\BabylonToolbar
    C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\www.babylon.com.idx 
    C:\Program Files (x86)\Babylon
    C:\ProgramData\Babylon
    C:\Users\All Users\Babylon 
    C:\Users\Domsfriend\AppData\LocalLow\BabylonToolbar 
    C:\Users\Domsfriend\AppData\LocalLow\BabylonToolbar\BabylonToolbar
    ipconfig /flushdns /c
    
    :commands
    [emptytemp]
    
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and paste that report in your next reply.

Next.

  • Right-click SystemLook.exe and select "Run as administrator" to run it.
  • Copy and paste the content of the following codebox into the main textfield:
    :filefind
    *Searchqu*
    *Babylon*
    
    :folderfind
    *Searchqu*
    *Babylon*
    
    :Regfind
    Searchqu
    Babylon
    
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Logs/Information to Post in your Next Reply

  • OTL fix log.
  • SystemLook.txt.
  • Please give me an update on your computer's performance.
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Computer Running Slowly

Post by knowlze » September 19th, 2012, 6:07 am

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== PROCESSES ==========
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\BabylonToolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\BabylonToolbar\BabylonToolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Babylon\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\BabylonHelper.EXE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6536801B-F50C-449B-9476-093DFD3789E3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd\CurVer\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc\CurVer\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F339F0B-716F-408F-A627-DEEB5DEB4020}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\LocalServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\ProgID\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\VersionIndependentProgID\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}\InprocServer32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\BabylonHelper.EXE\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6536801B-F50C-449B-9476-093DFD3789E3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193\InstallProperties\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193\InstallProperties\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon\Babylon Client\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar\BabylonToolbar\Instl\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs\\Tabs deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83AA2913-C123-4146-85BD-AD8F93971D39}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83AA2913-C123-4146-85BD-AD8F93971D39}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\LocalServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\ProgID\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\VersionIndependentProgID\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\BabylonHelper.EXE\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6536801B-F50C-449B-9476-093DFD3789E3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}\1.0\HELPDIR\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR\ not found.
Registry key HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BabylonToolbar\ not found.
Registry key HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BabylonToolbar\BabylonToolbar\ not found.
Registry key HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Babylon\ not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\BabylonTB.xpi not found.
File\Folder C:\Program Files (x86)\BabylonToolbar not found.
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\www.babylon.com.idx moved successfully.
C:\Program Files (x86)\Babylon\Babylon-Pro\Utils folder moved successfully.
C:\Program Files (x86)\Babylon\Babylon-Pro folder moved successfully.
C:\Program Files (x86)\Babylon folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
File\Folder C:\Users\All Users\Babylon not found.
C:\Users\Domsfriend\AppData\LocalLow\BabylonToolbar\BabylonToolbar folder moved successfully.
C:\Users\Domsfriend\AppData\LocalLow\BabylonToolbar folder moved successfully.
File\Folder C:\Users\Domsfriend\AppData\LocalLow\BabylonToolbar\BabylonToolbar not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Could not flush the DNS Resolver Cache: Function failed during execution.
C:\Users\Domsfriend\Desktop\cmd.bat deleted successfully.
C:\Users\Domsfriend\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Domsfriend
->Temp folder emptied: 96444171 bytes
->Temporary Internet Files folder emptied: 13840667 bytes
->Java cache emptied: 285118 bytes
->FireFox cache emptied: 54152072 bytes
->Google Chrome cache emptied: 11080984 bytes
->Opera cache emptied: 61736917 bytes
->Flash cache emptied: 7503 bytes

User: hedev
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 93072 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1637 bytes

Total Files Cleaned = 227.00 mb


OTL by OldTimer - Version 3.2.64.0 log created on 09192012_215959

Files\Folders moved on Reboot...
C:\Users\Domsfriend\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
knowlze
Member+
 
Posts: 37
Joined: September 8th, 2012, 9:08 pm

Re: Computer Running Slowly

Post by knowlze » September 19th, 2012, 6:12 am

SystemLook 30.07.11 by jpshortstuff
Log created at 22:08 on 19/09/2012 by Domsfriend
Administrator - Elevation successful

========== filefind ==========

Searching for "*Searchqu*"
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.searchquotes.com%2Ffavicon.png --a---- 589 bytes [13:55 18/08/2012] [13:55 18/08/2012] 5F32D061C08C568AB6EBDFD4414AF7CB
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\www.searchquotes.com.idx --a---- 94 bytes [13:55 18/08/2012] [13:55 18/08/2012] 599217F5335E0E903C90C0B14947B3D7
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll --a---- 449424 bytes [09:14 19/09/2011] [09:14 19/09/2011] 39ECB144372B2ED7B1B91A1E63D3F275
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll --a---- 88976 bytes [09:14 19/09/2011] [09:14 19/09/2011] AD14E447F7CED4CA987B91B379EAF952

Searching for "*Babylon*"
C:\Program Files (x86)\BestGameEver\Audiosurf\engine\AudiosurfHC\101949923 - Congorock - Babylon.mp3.ash --a---- 33588 bytes [07:50 21/03/2012] [07:50 21/03/2012] F1807F46B6A1832F9FC60CE2E865E565
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js --a---- 834 bytes [22:44 18/09/2012] [22:44 18/09/2012] 4C7FA62E805A28E45B81AF3C5FB033E7
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml --a---- 2360 bytes [22:44 18/09/2012] [22:44 18/09/2012] D49C515CC942D23FD791B43DB88FB71D
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fimg.babylon.com%2Fsite%2Fimages%2Fbabylon-8%2Fcommon%2Fimages%2Ffavicon.png --a---- 1028 bytes [23:27 20/04/2012] [23:27 20/04/2012] 0BD43713A08B2DCCEA64E9A40FCAB258
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\babylon.css --a---- 2267 bytes [04:10 09/08/2012] [04:10 09/08/2012] C958E619394865F741A245D368BFD28C
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\babylon.xul --a---- 1100 bytes [09:13 23/08/2012] [09:13 23/08/2012] F2F198AFC7E1F88CBD57B2F88F9E0F92
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\searchplugins\BabylonMngr.xml --a---- 2223 bytes [22:45 18/09/2012] [22:45 18/09/2012] 8E35A209E4DBF5DBE7B1A8C98326F42F
C:\Users\Domsfriend\Desktop\Music\Music\23 - Congorock - Babylon.mp3 --a---- 6243849 bytes [22:12 11/12/2011] [22:39 11/12/2011] 4A5BA04BE6C9E82ED756D146D7BDE97F
C:\Users\Domsfriend\Desktop\Music\Music\All Songs\David Gray - Babylon.mp3 --a---- 4253709 bytes [10:37 05/07/2011] [04:52 17/06/2007] F8A8FF90317D5A1156A13C0214E59FE2
C:\Users\Domsfriend\Desktop\Music\Music\Top Songs\APB\23 - Congorock - Babylon.mp3 --a---- 6243849 bytes [06:04 12/12/2011] [22:39 11/12/2011] 4A5BA04BE6C9E82ED756D146D7BDE97F
C:\Windows\Prefetch\BABYLONTOOLBAR4FFX.EXE-3E3859F6.pf --a---- 70208 bytes [22:44 18/09/2012] [22:44 18/09/2012] 0533F33490A4C1BBCC879C48423A8A85
C:\Windows\Prefetch\BABYLONTOOLBAR4IE.EXE-51E12220.pf --a---- 49444 bytes [22:44 18/09/2012] [22:44 18/09/2012] E0085BEE2BC95D37FB07331519E9BFAF
C:\Windows\Prefetch\BABYLONTOOLBARSRV.EXE-E086CE3F.pf --a---- 24014 bytes [22:44 18/09/2012] [09:57 19/09/2012] 512EA88305CA04B614B46C5A26FBC6BC
C:\Windows\Prefetch\MYBABYLONTB.EXE-CD21B80F.pf --a---- 51886 bytes [22:44 18/09/2012] [22:44 18/09/2012] 61BE59190623436498FE285A2235B4EA
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\babylon_logo.png --a---- 3577 bytes [09:14 19/09/2011] [09:14 19/09/2011] 30FF3A31EDC0442F934F703C26B9F572
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll --a---- 237680 bytes [12:23 14/08/2011] [12:23 14/08/2011] 034C197E79D7233BD04BFAC1710CB988
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll --a---- 270960 bytes [12:24 14/08/2011] [12:24 14/08/2011] C471B1EEF9DF1C55B5261006CE04E11F
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\babylon.css --a---- 2981 bytes [09:26 27/09/2011] [09:26 27/09/2011] DAD261AA3C9200A10529A26CC9A63285
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\babylon.xul --a---- 10941 bytes [12:34 20/11/2011] [12:34 20/11/2011] 97BF7CBF63DFFEEC117A1A7F788D71DA
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js --a---- 814 bytes [01:23 06/05/2012] [06:45 27/05/2012] 3F245C585EBABA47E17D90AD05B9AF6A
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml --a---- 2355 bytes [01:23 06/05/2012] [06:45 27/05/2012] 77FA08B277C34F85E742D68AF97BFA6D
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png --a---- 3577 bytes [09:14 19/09/2011] [09:14 19/09/2011] 30FF3A31EDC0442F934F703C26B9F572
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Local\Babylon\Setup\Babylon.dat --a---- 12848 bytes [22:56 25/08/2012] [14:03 01/04/2012] ADBB6A655AE518830BA1AFEFDB84668F
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx --a---- 86029 bytes [05:57 21/05/2012] [05:57 21/05/2012] 0638018613E94AAFC6FA6FFF996BB8AC
C:\_OTL\MovedFiles\09192012_215959\C_Users\Domsfriend\AppData\Local\Opera\Opera\icons\www.babylon.com.idx --a---- 529 bytes [23:27 20/04/2012] [23:33 20/04/2012] 2A9EBC1E8FB374CDCA759AB1227185AA

========== folderfind ==========

Searching for "*Searchqu*"
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\LocalLow\searchquband d------ [09:57 28/10/2011]
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\LocalLow\searchqutoolbar d------ [06:06 08/10/2011]
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\searchqutoolbar d------ [06:06 08/10/2011]

Searching for "*Babylon*"
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com d------ [22:44 18/09/2012]
C:\Users\Domsfriend\AppData\Roaming\Babylon d------ [22:44 18/09/2012]
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com d------ [22:44 18/09/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar d------ [10:50 11/09/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar\BabylonToolbar d------ [10:50 11/09/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com d------ [01:23 06/05/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Local\Babylon d------ [22:56 25/08/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Roaming\Babylon d------ [01:23 06/05/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Roaming\BabylonToolbar d------ [06:45 27/05/2012]
C:\_OTL\MovedFiles\09192012_215959\C_Program Files (x86)\Babylon d------ [23:30 20/04/2012]
C:\_OTL\MovedFiles\09192012_215959\C_Program Files (x86)\Babylon\Babylon-Pro d------ [23:30 20/04/2012]
C:\_OTL\MovedFiles\09192012_215959\C_ProgramData\Babylon d------ [01:23 06/05/2012]
C:\_OTL\MovedFiles\09192012_215959\C_Users\Domsfriend\AppData\LocalLow\BabylonToolbar d------ [07:59 07/05/2012]
C:\_OTL\MovedFiles\09192012_215959\C_Users\Domsfriend\AppData\LocalLow\BabylonToolbar\BabylonToolbar d------ [07:59 07/05/2012]

========== Regfind ==========

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"

Searching for "Babylon"
[HKEY_CURRENT_USER\Software\BrowserMngr]
"SEREGEXP"="^http://.*(babylon\.com)/\?(affID=|).*"
[HKEY_CURRENT_USER\Software\BrowserMngr\2.2.643.41]
"chrome_startup_urls"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=HP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_CURRENT_USER\Software\BrowserMngr\2.2.643.41]
"firefox keywords"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=KW_ss&mntrId=809c75b4000000000000687f74f75f77&q="
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=HP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"BrowserMngr Start Page"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=HP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"DisplayName"="Search the web (Babylon)"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"URL"="http://search.babylon.com/?q={searchTerms}&affID=114733&tt=120912_ccp_3812_2&babsrc=SP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}]
@="IBabylonIEBho"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}]
@="IBabylonFF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BrowserMngr]
"SEREGEXP"="^http://.*(babylon\.com)/\?(affID=|).*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{98889811-442D-49dd-99D7-DC866BE87DBC}"="Babylon Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
@="Babylon toolbar helper"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BrowserMngr]
"SEREGEXP"="^http://.*(babylon\.com)/\?(affID=|).*"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BrowserMngr\2.2.643.41]
"chrome_startup_urls"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=HP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BrowserMngr\2.2.643.41]
"firefox keywords"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=KW_ss&mntrId=809c75b4000000000000687f74f75f77&q="
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=HP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\Main]
"BrowserMngr Start Page"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=HP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"DisplayName"="Search the web (Babylon)"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"URL"="http://search.babylon.com/?q={searchTerms}&affID=114733&tt=120912_ccp_3812_2&babsrc=SP_ss&mntrId=809c75b4000000000000687f74f75f77"

-= EOF =-

Re: Computer Running Slowly

Post by knowlze » September 19th, 2012, 6:15 am

My computer does seem to be running better. I have been able to play a lot of my games that I previously couldn't even start, although my CPU usage is still at 100% without spikes. I'm unsure what this means, but people have told me that this is a large problem. Thank you for your help so far.

Re: Computer Running Slowly

Post by Cypher » September 19th, 2012, 6:43 am

Hi knowlze,
It's going to take a few runs to clean all this junk out.

  • Right-click OTL.exe and select "Run as administrator" to run it.
  • Copy and paste the following code into the [image] textbox. Do not include the word Code.
    Code:
    :commands
    [createrestorepoint]
    
    :processes
    killallprocesses
    
    :reg
    [HKEY_CURRENT_USER\Software\BrowserMngr]
    "SEREGEXP"=-
    [HKEY_CURRENT_USER\Software\BrowserMngr\2.2.643.41]
    "chrome_startup_urls"=-
    [HKEY_CURRENT_USER\Software\BrowserMngr\2.2.643.41]
    "firefox keywords"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "BrowserMngr Start Page"=-
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BrowserMngr]
    "SEREGEXP"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{98889811-442D-49dd-99D7-DC866BE87DBC}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
    [HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BrowserMngr]
    "SEREGEXP"=-
    [HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BrowserMngr\2.2.643.41]
    "chrome_startup_urls"=-
    [HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BrowserMngr\2.2.643.41]
    "firefox keywords"=-
    [HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\Main]
    "Start Page"=-
    [HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\Main]
    "BrowserMngr Start Page"=-
    [-HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
    [-HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
    
    :files
    C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js 
    C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
    C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fimg.babylon.com%2Fsite%2Fimages%2Fbabylon-8%2Fcommon%2Fimages%2Ffavicon.png
    C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\babylon.css 
    C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\babylon.xul
    C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\searchplugins\BabylonMngr.xml 
    C:\Windows\Prefetch\BABYLONTOOLBAR4FFX.EXE-3E3859F6.pf
    C:\Windows\Prefetch\BABYLONTOOLBAR4IE.EXE-51E12220.pf 
    C:\Windows\Prefetch\BABYLONTOOLBARSRV.EXE-E086CE3F.pf 
    C:\Windows\Prefetch\MYBABYLONTB.EXE-CD21B80F.pf 
    C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com 
    C:\Users\Domsfriend\AppData\Roaming\Babylon 
    C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com 
    ipconfig /flushdns /c
    
    :commands
    [emptytemp]
    
    
  • Then click the Run Fix button at the top.
  • Click [image].
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and paste that report in your next reply.

Next.

  • Right-click SystemLook.exe and select "Run as administrator" to run it.
  • Copy and paste the content of the following codebox into the main textfield:
    Code:
    :filefind
    *Searchqu*
    *Babylon*
    
    :folderfind
    *Searchqu*
    *Babylon*
    
    :Regfind
    Searchqu
    Babylon
    
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Logs/Information to Post in your Next Reply

  • OTL fix log.
  • SystemLook.txt.
  • Please give me an update on your computer's performance.

Re: Computer Running Slowly

Post by knowlze » September 19th, 2012, 6:58 am

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== PROCESSES ==========
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\BrowserMngr\\SEREGEXP deleted successfully.
Registry value HKEY_CURRENT_USER\Software\BrowserMngr\2.2.643.41\\chrome_startup_urls deleted successfully.
Registry value HKEY_CURRENT_USER\Software\BrowserMngr\2.2.643.41\\firefox keywords deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\BrowserMngr Start Page deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F339F0B-716F-408F-A627-DEEB5DEB4020}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BrowserMngr\\SEREGEXP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry value HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BrowserMngr\\SEREGEXP not found.
Registry value HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BrowserMngr\2.2.643.41\\chrome_startup_urls not found.
Registry value HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\BrowserMngr\2.2.643.41\\firefox keywords not found.
Registry value HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\Main\\Start Page deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\Main\\BrowserMngr Start Page not found.
Registry key HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
========== FILES ==========
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fimg.babylon.com%2Fsite%2Fimages%2Fbabylon-8%2Fcommon%2Fimages%2Ffavicon.png moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\babylon.css moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\babylon.xul moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\searchplugins\BabylonMngr.xml moved successfully.
C:\Windows\Prefetch\BABYLONTOOLBAR4FFX.EXE-3E3859F6.pf moved successfully.
C:\Windows\Prefetch\BABYLONTOOLBAR4IE.EXE-51E12220.pf moved successfully.
C:\Windows\Prefetch\BABYLONTOOLBARSRV.EXE-E086CE3F.pf moved successfully.
C:\Windows\Prefetch\MYBABYLONTB.EXE-CD21B80F.pf moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com folder moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Babylon folder moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\imgs\mnRadio folder moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\components folder moved successfully.
C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Could not flush the DNS Resolver Cache: Function failed during execution.
C:\Users\Domsfriend\Desktop\cmd.bat deleted successfully.
C:\Users\Domsfriend\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Domsfriend
->Temp folder emptied: 399841 bytes
->Temporary Internet Files folder emptied: 64901 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 65736330 bytes
->Flash cache emptied: 0 bytes

User: hedev
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 112 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 63.00 mb


OTL by OldTimer - Version 3.2.64.0 log created on 09192012_224548

Files\Folders moved on Reboot...
C:\Users\Domsfriend\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Computer Running Slowly

Post by knowlze » September 19th, 2012, 7:02 am

SystemLook 30.07.11 by jpshortstuff
Log created at 22:58 on 19/09/2012 by Domsfriend
Administrator - Elevation successful

========== filefind ==========

Searching for "*Searchqu*"
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.searchquotes.com%2Ffavicon.png --a---- 589 bytes [13:55 18/08/2012] [13:55 18/08/2012] 5F32D061C08C568AB6EBDFD4414AF7CB
C:\Users\Domsfriend\AppData\Local\Opera\Opera\icons\www.searchquotes.com.idx --a---- 94 bytes [13:55 18/08/2012] [13:55 18/08/2012] 599217F5335E0E903C90C0B14947B3D7
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll --a---- 449424 bytes [09:14 19/09/2011] [09:14 19/09/2011] 39ECB144372B2ED7B1B91A1E63D3F275
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll --a---- 88976 bytes [09:14 19/09/2011] [09:14 19/09/2011] AD14E447F7CED4CA987B91B379EAF952

Searching for "*Babylon*"
C:\Program Files (x86)\BestGameEver\Audiosurf\engine\AudiosurfHC\101949923 - Congorock - Babylon.mp3.ash --a---- 33588 bytes [07:50 21/03/2012] [07:50 21/03/2012] F1807F46B6A1832F9FC60CE2E865E565
C:\Users\Domsfriend\Desktop\Music\Music\23 - Congorock - Babylon.mp3 --a---- 6243849 bytes [22:12 11/12/2011] [22:39 11/12/2011] 4A5BA04BE6C9E82ED756D146D7BDE97F
C:\Users\Domsfriend\Desktop\Music\Music\All Songs\David Gray - Babylon.mp3 --a---- 4253709 bytes [10:37 05/07/2011] [04:52 17/06/2007] F8A8FF90317D5A1156A13C0214E59FE2
C:\Users\Domsfriend\Desktop\Music\Music\Top Songs\APB\23 - Congorock - Babylon.mp3 --a---- 6243849 bytes [06:04 12/12/2011] [22:39 11/12/2011] 4A5BA04BE6C9E82ED756D146D7BDE97F
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\babylon_logo.png --a---- 3577 bytes [09:14 19/09/2011] [09:14 19/09/2011] 30FF3A31EDC0442F934F703C26B9F572
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll --a---- 237680 bytes [12:23 14/08/2011] [12:23 14/08/2011] 034C197E79D7233BD04BFAC1710CB988
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll --a---- 270960 bytes [12:24 14/08/2011] [12:24 14/08/2011] C471B1EEF9DF1C55B5261006CE04E11F
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\babylon.css --a---- 2981 bytes [09:26 27/09/2011] [09:26 27/09/2011] DAD261AA3C9200A10529A26CC9A63285
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\babylon.xul --a---- 10941 bytes [12:34 20/11/2011] [12:34 20/11/2011] 97BF7CBF63DFFEEC117A1A7F788D71DA
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js --a---- 814 bytes [01:23 06/05/2012] [06:45 27/05/2012] 3F245C585EBABA47E17D90AD05B9AF6A
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml --a---- 2355 bytes [01:23 06/05/2012] [06:45 27/05/2012] 77FA08B277C34F85E742D68AF97BFA6D
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png --a---- 3577 bytes [09:14 19/09/2011] [09:14 19/09/2011] 30FF3A31EDC0442F934F703C26B9F572
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Local\Babylon\Setup\Babylon.dat --a---- 12848 bytes [22:56 25/08/2012] [14:03 01/04/2012] ADBB6A655AE518830BA1AFEFDB84668F
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx --a---- 86029 bytes [05:57 21/05/2012] [05:57 21/05/2012] 0638018613E94AAFC6FA6FFF996BB8AC
C:\_OTL\MovedFiles\09192012_215959\C_Users\Domsfriend\AppData\Local\Opera\Opera\icons\www.babylon.com.idx --a---- 529 bytes [23:27 20/04/2012] [23:33 20/04/2012] 2A9EBC1E8FB374CDCA759AB1227185AA
C:\_OTL\MovedFiles\09192012_224548\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js --a---- 834 bytes [22:44 18/09/2012] [22:44 18/09/2012] 4C7FA62E805A28E45B81AF3C5FB033E7
C:\_OTL\MovedFiles\09192012_224548\C_Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml --a---- 2360 bytes [22:44 18/09/2012] [22:44 18/09/2012] D49C515CC942D23FD791B43DB88FB71D
C:\_OTL\MovedFiles\09192012_224548\C_Users\Domsfriend\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fimg.babylon.com%2Fsite%2Fimages%2Fbabylon-8%2Fcommon%2Fimages%2Ffavicon.png --a---- 1028 bytes [23:27 20/04/2012] [23:27 20/04/2012] 0BD43713A08B2DCCEA64E9A40FCAB258
C:\_OTL\MovedFiles\09192012_224548\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\babylon.css --a---- 2267 bytes [04:10 09/08/2012] [04:10 09/08/2012] C958E619394865F741A245D368BFD28C
C:\_OTL\MovedFiles\09192012_224548\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com\content\babylon.xul --a---- 1100 bytes [09:13 23/08/2012] [09:13 23/08/2012] F2F198AFC7E1F88CBD57B2F88F9E0F92
C:\_OTL\MovedFiles\09192012_224548\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\searchplugins\BabylonMngr.xml --a---- 2223 bytes [22:45 18/09/2012] [22:45 18/09/2012] 8E35A209E4DBF5DBE7B1A8C98326F42F
C:\_OTL\MovedFiles\09192012_224548\C_Windows\Prefetch\BABYLONTOOLBAR4FFX.EXE-3E3859F6.pf --a---- 70208 bytes [22:44 18/09/2012] [22:44 18/09/2012] 0533F33490A4C1BBCC879C48423A8A85
C:\_OTL\MovedFiles\09192012_224548\C_Windows\Prefetch\BABYLONTOOLBAR4IE.EXE-51E12220.pf --a---- 49444 bytes [22:44 18/09/2012] [22:44 18/09/2012] E0085BEE2BC95D37FB07331519E9BFAF
C:\_OTL\MovedFiles\09192012_224548\C_Windows\Prefetch\BABYLONTOOLBARSRV.EXE-E086CE3F.pf --a---- 24014 bytes [22:44 18/09/2012] [09:57 19/09/2012] 512EA88305CA04B614B46C5A26FBC6BC
C:\_OTL\MovedFiles\09192012_224548\C_Windows\Prefetch\MYBABYLONTB.EXE-CD21B80F.pf --a---- 51886 bytes [22:44 18/09/2012] [22:44 18/09/2012] 61BE59190623436498FE285A2235B4EA

========== folderfind ==========

Searching for "*Searchqu*"
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\LocalLow\searchquband d------ [09:57 28/10/2011]
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\LocalLow\searchqutoolbar d------ [06:06 08/10/2011]
C:\_OTL\MovedFiles\09112012_153119\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\searchqutoolbar d------ [06:06 08/10/2011]

Searching for "*Babylon*"
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar d------ [10:50 11/09/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\BabylonToolbar\BabylonToolbar d------ [10:50 11/09/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com d------ [01:23 06/05/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Local\Babylon d------ [22:56 25/08/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Roaming\Babylon d------ [01:23 06/05/2012]
C:\_OTL\MovedFiles\09112012_225020\C_Users\Domsfriend\AppData\Roaming\BabylonToolbar d------ [06:45 27/05/2012]
C:\_OTL\MovedFiles\09192012_215959\C_Program Files (x86)\Babylon d------ [23:30 20/04/2012]
C:\_OTL\MovedFiles\09192012_215959\C_Program Files (x86)\Babylon\Babylon-Pro d------ [23:30 20/04/2012]
C:\_OTL\MovedFiles\09192012_215959\C_ProgramData\Babylon d------ [01:23 06/05/2012]
C:\_OTL\MovedFiles\09192012_215959\C_Users\Domsfriend\AppData\LocalLow\BabylonToolbar d------ [07:59 07/05/2012]
C:\_OTL\MovedFiles\09192012_215959\C_Users\Domsfriend\AppData\LocalLow\BabylonToolbar\BabylonToolbar d------ [07:59 07/05/2012]
C:\_OTL\MovedFiles\09192012_224548\C_Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com d------ [22:44 18/09/2012]
C:\_OTL\MovedFiles\09192012_224548\C_Users\Domsfriend\AppData\Roaming\Babylon d------ [22:44 18/09/2012]
C:\_OTL\MovedFiles\09192012_224548\C_Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ffxtlbr@babylon.com d------ [22:44 18/09/2012]

========== Regfind ==========

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"

Searching for "Babylon"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=HP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"DisplayName"="Search the web (Babylon)"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"URL"="http://search.babylon.com/?q={searchTerms}&affID=114733&tt=120912_ccp_3812_2&babsrc=SP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}]
@="IBabylonIEBho"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}]
@="IBabylonFF"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{98889811-442D-49dd-99D7-DC866BE87DBC}"="Babylon Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
@="Babylon toolbar helper"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.babylon.com/?affID=114733&tt=120912_ccp_3812_2&babsrc=HP_ss&mntrId=809c75b4000000000000687f74f75f77"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"DisplayName"="Search the web (Babylon)"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"URL"="http://search.babylon.com/?q={searchTerms}&affID=114733&tt=120912_ccp_3812_2&babsrc=SP_ss&mntrId=809c75b4000000000000687f74f75f77"

-= EOF =-
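The OTL fix above deletes registry values and keys, and the follow-up SystemLook log is what shows whether they stayed deleted. The following is an added example (not part of the original posts, and not a feature of OTL or SystemLook) that parses an excerpt of the `:reg` section and of the follow-up Regfind output from this thread and lists the fix targets the scan still reports. The function names are hypothetical, the value data is shortened, and treating the `HKEY_USERS\S-1-5-21-...-1000` entries as the logged-on user's `HKEY_CURRENT_USER` hive is an assumption.

```python
import re

# Excerpt of the ':reg' part of the OTL fix script posted in this thread.
FIX_SCRIPT = r'''
:reg
[HKEY_CURRENT_USER\Software\BrowserMngr]
"SEREGEXP"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"=-
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}]
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\Main]
"Start Page"=-
:files
C:\Users\Domsfriend\AppData\Roaming\Babylon
'''

# Excerpt of the follow-up SystemLook log from this thread (value data shortened).
FOLLOW_UP = r'''
========== Regfind ==========
Searching for "Babylon"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.babylon.com/?..."
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"DisplayName"="Search the web (Babylon)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}]
@="IBabylonIEBho"
[HKEY_USERS\S-1-5-21-3630749389-2258371352-599158283-1000\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.babylon.com/?..."
-= EOF =-
'''

# Assumption: this SID (as it appears in the logs) is the logged-on user.
USER_SID = "S-1-5-21-3630749389-2258371352-599158283-1000"

KEY_LINE = re.compile(r'^\[(-?)(HKEY_[^\]]+)\]$')   # "[key]" or "[-key]"
VALUE_LINE = re.compile(r'^(@|"[^"]*")=')            # '"name"=...' or '@=...'


def canon(key, user_sid=None):
    """Drop a trailing backslash; fold HKEY_USERS\\<sid> into HKEY_CURRENT_USER."""
    key = key.rstrip("\\")
    if user_sid:
        prefix = "HKEY_USERS\\" + user_sid
        if (key + "\\").casefold().startswith((prefix + "\\").casefold()):
            key = "HKEY_CURRENT_USER" + key[len(prefix):]
    return key


def parse_fix_targets(script, user_sid=None):
    """Return {(key, value name or None)} the ':reg' section asks OTL to delete."""
    targets, section, key = set(), None, None
    for line in map(str.strip, script.splitlines()):
        if line.startswith(":"):
            section, key = line.lower(), None
        elif section == ":reg" and (m := KEY_LINE.match(line)):
            key = canon(m.group(2), user_sid)
            if m.group(1):                      # "[-key]" deletes the whole key
                targets.add((key, None))
                key = None
        elif section == ":reg" and key and (m := VALUE_LINE.match(line)):
            if line.endswith("=-"):             # '"name"=-' deletes one value
                targets.add((key, m.group(1).strip('"')))
    return targets


def parse_regfind(log, user_sid=None):
    """Return {key: {value names}} from the Regfind section of a SystemLook log."""
    found, active, key = {}, False, None
    for line in map(str.strip, log.splitlines()):
        if line.startswith("=========="):
            active, key = "regfind" in line.lower(), None
        elif line == "-= EOF =-":
            break
        elif active and (m := KEY_LINE.match(line)):
            key = canon(m.group(2), user_sid)
            found.setdefault(key, set())
        elif active and key and (m := VALUE_LINE.match(line)):
            found[key].add(m.group(1).strip('"'))
    return found


def still_present(targets, found):
    """Fix targets the follow-up scan still lists (registry names are case-insensitive)."""
    index = {k.casefold(): {v.casefold() for v in vals} for k, vals in found.items()}
    hits = []
    for key, name in sorted(targets, key=lambda t: (t[0].casefold(), t[1] or "")):
        k = key.casefold()
        if name is None:    # whole-key delete: the key or any subkey counts
            present = any(f == k or f.startswith(k + "\\") for f in index)
        else:
            present = name.casefold() in index.get(k, set())
        if present:
            hits.append((key, name))
    return hits


if __name__ == "__main__":
    fix_targets = parse_fix_targets(FIX_SCRIPT, USER_SID)
    for key, name in still_present(fix_targets, parse_regfind(FOLLOW_UP, USER_SID)):
        print("still present:", key, "->", name or "(whole key)")
```

A target listed here was either written again after the fix ran or never removed, so it is a candidate for the next fix pass.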

Re: Computer Running Slowly

Post by knowlze » September 19th, 2012, 8:29 am

I can't tell if anything changed in performance.

Re: Computer Running Slowly

Post by Cypher » September 19th, 2012, 10:42 am

Hi knowlze,
Run an OTL scan for me and post the resulting logs.

  • Right-click on OTL.exe and select Run as administrator to run it.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Re: Computer Running Slowly

Post by knowlze » September 19th, 2012, 6:09 pm

There wasn't an Extras.txt created when I finished the quick scan.

Re: Computer Running Slowly

Post by knowlze » September 19th, 2012, 6:10 pm

OTL logfile created on: 20/09/2012 9:59:33 a.m. - Run 2
OTL by OldTimer - Version 3.2.64.0 Folder = C:\Users\Domsfriend\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 50.01% Memory free
7.99 Gb Paging File | 5.84 Gb Available in Paging File | 73.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 346.94 Gb Free Space | 37.25% Space Free | Partition Type: NTFS
Drive D: | 697.18 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.45 Gb Total Space | 7.45 Gb Free Space | 99.98% Space Free | Partition Type: FAT32
Drive K: | 7.45 Gb Total Space | 7.45 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

Computer Name: LINCOLN-PC | User Name: Domsfriend | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/19 21:56:30 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Domsfriend\Desktop\OTL.exe
PRC - [2012/09/19 10:45:05 | 001,701,400 | ---- | M] () -- C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012/09/16 10:40:04 | 000,896,912 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012/09/02 12:06:56 | 000,874,896 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012/08/21 21:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/08/10 18:59:52 | 004,440,896 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Domsfriend\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/08/04 22:14:09 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/05/16 08:56:03 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/05/15 22:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/02/19 22:46:08 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe
PRC - [2011/11/07 22:15:09 | 010,057,216 | ---- | M] () -- C:\Folding@HomeCPU\1\FahCore_a4.exe
PRC - [2011/11/05 19:25:18 | 010,057,216 | ---- | M] () -- C:\Folding@HomeCPU\2\FahCore_a4.exe
PRC - [2011/11/05 19:23:07 | 010,057,216 | ---- | M] () -- C:\Folding@HomeCPU\3\FahCore_a4.exe
PRC - [2011/11/05 18:57:28 | 010,057,216 | ---- | M] () -- C:\Folding@HomeCPU\4\FahCore_a4.exe
PRC - [2011/11/05 18:28:40 | 000,422,400 | ---- | M] () -- C:\Folding@HomeCPU\4\Fah.exe
PRC - [2011/11/05 18:28:40 | 000,422,400 | ---- | M] () -- C:\Folding@HomeCPU\3\Fah.exe
PRC - [2011/11/05 18:28:40 | 000,422,400 | ---- | M] () -- C:\Folding@HomeCPU\2\Fah.exe
PRC - [2011/11/05 18:28:40 | 000,422,400 | ---- | M] () -- C:\Folding@HomeCPU\1\Fah.exe
PRC - [2011/10/14 13:49:38 | 000,745,832 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
PRC - [2011/08/31 04:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/07/29 11:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/04/12 20:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2010/02/03 15:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/19 10:45:05 | 001,701,400 | ---- | M] () -- C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2012/09/19 10:45:04 | 002,098,200 | ---- | M] () -- C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2012/09/08 15:30:26 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/09/08 15:30:24 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/09/08 15:30:24 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/09/08 15:30:24 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/09/08 15:30:24 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/09/02 12:07:11 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012/09/02 12:07:11 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012/09/02 12:07:10 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012/09/02 12:07:09 | 000,316,928 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012/09/02 12:07:09 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012/09/02 12:07:09 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012/09/02 12:07:09 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012/09/02 12:07:08 | 000,783,360 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2012/09/02 12:07:08 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012/09/02 12:07:08 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012/09/02 12:07:08 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012/09/02 12:07:08 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012/09/02 12:07:08 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012/08/15 23:02:59 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/02/19 22:46:08 | 000,362,029 | ---- | M] () -- C:\Program Files (x86)\BrowserCompanion\sqlite3.dll
MOD - [2011/07/29 11:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 11:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/09/30 15:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009/03/25 15:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009/03/19 21:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009/03/19 21:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009/01/15 13:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2009/11/20 23:15:54 | 000,162,872 | ---- | M] (TheGreenBow) [Auto | Running] -- C:\Windows\SysNative\TgbStarter.exe -- (TgbIke Starter)
SRV:64bit: - [2009/07/14 13:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 13:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/09/19 10:45:05 | 001,701,400 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012/09/11 15:22:01 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012/08/29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/08/15 23:03:01 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/16 08:56:03 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/05/15 22:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/11/05 18:28:40 | 000,422,400 | ---- | M] () [4]) Folding@home-CPU-[4] [Auto | Running] -- C:\Folding@HomeCPU\4\Fah.exe -- (Folding@home-CPU-[4])
SRV - [2011/11/05 18:28:40 | 000,422,400 | ---- | M] () [3]) Folding@home-CPU-[3] [Auto | Running] -- C:\Folding@HomeCPU\3\Fah.exe -- (Folding@home-CPU-[3])
SRV - [2011/11/05 18:28:40 | 000,422,400 | ---- | M] () [2]) Folding@home-CPU-[2] [Auto | Running] -- C:\Folding@HomeCPU\2\Fah.exe -- (Folding@home-CPU-[2])
SRV - [2011/11/05 18:28:40 | 000,422,400 | ---- | M] () [1]) Folding@home-CPU-[1] [Auto | Running] -- C:\Folding@HomeCPU\1\Fah.exe -- (Folding@home-CPU-[1])
SRV - [2011/10/14 13:49:38 | 000,745,832 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2011/09/19 04:33:00 | 003,897,432 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/09/08 23:00:00 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/08/31 04:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 09:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 21:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 21:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 21:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 21:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 21:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 21:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/04/19 05:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/11/29 14:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/07/22 22:22:44 | 000,028,728 | ---- | M] (TheGreenBow) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndistgb.sys -- (ndistgb)
DRV:64bit: - [2011/05/25 11:40:10 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/04/10 17:33:57 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/04/12 20:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010/01/11 22:05:20 | 001,290,752 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/11/20 23:15:46 | 000,132,664 | ---- | M] (TheGreenBow) [Kernel | System | Unknown] -- C:\Windows\SysNative\drivers\DfilterVPN.sys -- (TgbIpSec)
DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/09/04 17:39:10 | 000,062,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/07/17 15:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/14 13:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 13:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 13:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 13:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 13:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 13:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 13:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 12:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/07/14 09:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/11 08:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/11 08:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/06/11 08:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 08:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 08:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 08:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 08:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007/02/27 13:15:20 | 000,092,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV - [2012/09/18 00:06:02 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009/07/14 13:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/01/02 15:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=114733 ... 7f74f75f77
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-nz
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B2 69 7E 35 84 CA CB 01 [binary data]
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {DB1378C1-910A-41B8-98DF-BB8A24DA202F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=114733&tt=120912_ccp_3812_2&babsrc=SP_ss&mntrId=809c75b4000000000000687f74f75f77
IE - HKCU\..\SearchScopes\{DB1378C1-910A-41B8-98DF-BB8A24DA202F}: "URL" = http://nz.search.yahoo.com/search?ei=ut ... &ilc=12&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://nz.search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=382950&ilc=12&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950&ilc=12"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Domsfriend\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Domsfriend\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Domsfriend\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/07/27 18:33:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/11 16:36:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/27 21:25:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/09/19 10:45:05 | 000,000,000 | ---D | M]

[2011/10/08 18:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domsfriend\AppData\Roaming\mozilla\Extensions
[2011/03/02 20:57:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domsfriend\AppData\Roaming\mozilla\Firefox\Profiles\ojhsg95w.default\extensions
[2012/09/19 22:46:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domsfriend\AppData\Roaming\mozilla\Firefox\Profiles\ubkywt8p.default\extensions
[2011/05/18 21:37:37 | 000,000,000 | ---D | M] (Veehd Plugin) -- C:\Users\Domsfriend\AppData\Roaming\mozilla\Firefox\Profiles\ubkywt8p.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}
[2011/04/22 11:49:28 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Domsfriend\AppData\Roaming\mozilla\Firefox\Profiles\ubkywt8p.default\extensions\battlefieldplay4free@ea.com
[2012/09/19 10:44:30 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Domsfriend\AppData\Roaming\mozilla\Firefox\Profiles\ubkywt8p.default\extensions\bbrs_002@blabbers.com
[2012/05/13 17:15:33 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\Domsfriend\AppData\Roaming\mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ietab@ip.cn
[2012/09/17 00:59:28 | 001,335,949 | ---- | M] () (No name found) -- C:\Users\Domsfriend\AppData\Roaming\mozilla\firefox\profiles\ubkywt8p.default\extensions\firebug@software.joehewitt.com.xpi
[2011/07/05 22:46:50 | 000,009,339 | ---- | M] () (No name found) -- C:\Users\Domsfriend\AppData\Roaming\mozilla\firefox\profiles\ubkywt8p.default\extensions\plugin@apture.com.xpi
[2012/09/19 22:46:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/08 16:29:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/09/29 18:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/29 12:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://search.babylon.com/?affID=114733 ... 7f74f75f77
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Domsfriend\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Domsfriend\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Domsfriend\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Domsfriend\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Domsfriend\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: Turn Off the Lights = C:\Users\Domsfriend\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.3_0\
CHR - Extension: YouTube = C:\Users\Domsfriend\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Domsfriend\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Domsfriend\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.40_0\
CHR - Extension: Skype Click to Call = C:\Users\Domsfriend\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Domsfriend\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.5.0_0\
CHR - Extension: Facebook Notifications = C:\Users\Domsfriend\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Domsfriend\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2012/09/11 22:51:12 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [TgbVpn] C:\Program Files (x86)\TheGreenBow\TheGreenBow VPN\vpnconf.exe (TheGreenBow)
O4:64bit: - HKLM..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Domsfriend\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe (Dxtory Software)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Domsfriend\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/stati ... 0.66.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87FE5EC8-E1BB-4BBE-AE1A-A6661AE14C0F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B49F06C4-4DA9-40B2-BD37-361797E674FF}: DhcpNameServer = 178.32.51.4 76.73.18.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759}: NameServer = 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9A12D39-CC55-4AE8-8E37-5D3E00A2D5F8}: DhcpNameServer = 178.32.51.4 76.73.18.50
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL File not found
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes3\deskscapes.dll (Stardock Corporation)
O22:64bit: - SharedTaskScheduler: {F791A188-699D-4FD4-955A-EB59E89B1907} - Theme Resource Changer - \Program Files\Theme Resource Changer\ThemeResourceChanger.dll File not found
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysWOW64\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/19 21:56:30 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Domsfriend\Desktop\OTL.exe
[2012/09/19 10:45:12 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012/09/19 10:45:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012/09/19 10:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowserCompanion
[2012/09/18 15:27:15 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\Documents\FLiNGTrainer
[2012/09/18 00:06:02 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2012/09/18 00:06:02 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Local\eSupport.com
[2012/09/17 23:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/09/17 18:47:00 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Roaming\Fatshark
[2012/09/17 13:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Souls
[2012/09/17 11:43:28 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade With Fire and Sword
[2012/09/17 11:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade With Fire and Sword
[2012/09/17 11:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mount&Blade With Fire and Sword
[2012/09/17 00:34:21 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Local\Macromedia
[2012/09/16 10:40:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012/09/16 10:39:28 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Roaming\uTorrent
[2012/09/11 15:31:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/10 21:41:31 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/09/10 21:19:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/09/10 20:56:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/09/10 20:56:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/09/10 20:56:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/09/10 20:55:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/10 20:45:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/08 20:13:04 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/09/08 16:25:49 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Roaming\Skype
[2012/09/08 16:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/08 16:25:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/09/08 16:25:33 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/09/08 16:25:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/09/08 15:22:11 | 000,000,000 | ---D | C] -- C:\FRST
[2012/09/07 22:23:16 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Local\Facebook
[2012/09/01 18:34:44 | 000,000,000 | ---D | C] -- C:\Windows\W7SBC
[2012/09/01 18:17:24 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Theme Resource Changer X64 v1.0
[2012/09/01 18:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\Theme Resource Changer
[2012/08/31 22:06:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HUD RED
[2012/08/31 21:47:53 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Local\Korbin_Bickel
[2012/08/31 21:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Manager
[2012/08/31 21:47:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Theme Manager
[2012/08/31 12:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/08/31 12:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/08/27 18:55:48 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\Documents\NBGI
[2012/08/27 18:55:20 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Local\NBGI
[2012/08/26 10:56:53 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivitizeVPN
[2012/08/26 10:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PrivitizeVPN
[2012/08/25 13:51:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sleeping Dogs
[2012/08/22 22:22:09 | 000,000,000 | ---D | C] -- C:\Ubisoft
[2012/08/22 22:21:39 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012/08/22 22:20:10 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Local\Apps
[2012/08/22 22:20:09 | 000,000,000 | ---D | C] -- C:\Users\Domsfriend\AppData\Local\Deployment
[2012/05/16 07:12:24 | 000,095,576 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\DSETUP.dll
[2012/05/16 07:12:22 | 000,517,976 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\DXSETUP.exe
[2012/05/16 07:12:20 | 000,587,200 | ---- | C] (Flexera Software, Inc.) -- C:\Program Files (x86)\ISSetup.dll
[2012/05/16 07:12:17 | 001,566,040 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\dsetup32.dll
[2012/05/16 07:12:16 | 004,216,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\vcredist_x86.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/20 10:01:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/20 09:52:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630749389-2258371352-599158283-1000UA.job
[2012/09/20 07:36:04 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3630749389-2258371352-599158283-1000UA.job
[2012/09/19 23:21:39 | 000,000,882 | ---- | M] () -- C:\Users\Domsfriend\Application Data\Microsoft\Internet Explorer\Quick Launch\Nexus Mod Manager.lnk
[2012/09/19 22:54:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/19 22:54:50 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/19 22:36:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3630749389-2258371352-599158283-1000Core.job
[2012/09/19 22:02:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012/09/19 21:56:30 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Domsfriend\Desktop\OTL.exe
[2012/09/19 20:52:01 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630749389-2258371352-599158283-1000Core.job
[2012/09/19 10:44:40 | 000,000,805 | ---- | M] () -- C:\user.js
[2012/09/19 10:30:16 | 000,165,376 | ---- | M] () -- C:\Users\Domsfriend\Desktop\SystemLook_x64.exe
[2012/09/18 00:12:14 | 000,014,416 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/18 00:12:14 | 000,014,416 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/18 00:06:02 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2012/09/11 22:51:12 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/09/08 11:55:37 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/09/08 11:55:37 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/09/07 20:23:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/09/05 16:18:32 | 000,151,608 | ---- | M] () -- C:\Windows\UTP.exe
[2012/09/01 18:37:24 | 005,062,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/28 21:37:11 | 000,281,120 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/26 17:53:14 | 000,262,664 | ---- | M] () -- C:\Users\Domsfriend\AppData\Roaming\fk1xxx.e2ts
[2012/08/21 21:13:13 | 000,969,200 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/08/21 21:13:13 | 000,359,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/08/21 21:13:13 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/08/21 21:13:12 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/08/21 21:13:12 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/08/21 21:13:11 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/08/21 21:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/08/21 21:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/08/21 21:12:02 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/19 23:21:39 | 000,000,882 | ---- | C] () -- C:\Users\Domsfriend\Application Data\Microsoft\Internet Explorer\Quick Launch\Nexus Mod Manager.lnk
[2012/09/19 10:30:16 | 000,165,376 | ---- | C] () -- C:\Users\Domsfriend\Desktop\SystemLook_x64.exe
[2012/09/10 20:56:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/09/10 20:56:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/09/10 20:56:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/09/10 20:56:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/09/10 20:56:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/07 22:23:27 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3630749389-2258371352-599158283-1000UA.job
[2012/09/07 22:23:22 | 000,000,926 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3630749389-2258371352-599158283-1000Core.job
[2012/09/01 18:28:23 | 000,151,608 | ---- | C] () -- C:\Windows\UTP.exe
[2012/08/31 22:15:34 | 000,009,112 | ---- | C] () -- C:\Program Files (x86)\HUD RED Topshell Basic.theme
[2012/08/31 22:15:34 | 000,009,106 | ---- | C] () -- C:\Program Files (x86)\HUD RED Topshell.theme
[2012/08/31 22:15:34 | 000,009,094 | ---- | C] () -- C:\Program Files (x86)\HUD RED Basic.theme
[2012/08/31 22:15:31 | 000,009,088 | ---- | C] () -- C:\Program Files (x86)\HUD RED.theme
[2012/08/26 17:53:14 | 000,262,664 | ---- | C] () -- C:\Users\Domsfriend\AppData\Roaming\fk1xxx.e2ts
[2012/07/18 16:37:54 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2012/06/05 16:33:57 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2012/05/16 07:22:25 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/05/16 07:12:32 | 362,468,194 | ---- | C] () -- C:\Program Files (x86)\BLR_Client.hogg
[2012/05/16 07:12:24 | 000,121,054 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XACT_x64.cab
[2012/05/16 07:12:24 | 000,109,445 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx11_43_x86.cab
[2012/05/16 07:12:24 | 000,105,044 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx11_42_x86.cab
[2012/05/16 07:12:24 | 000,097,152 | ---- | C] () -- C:\Program Files (x86)\dxupdate.cab
[2012/05/16 07:12:24 | 000,096,817 | ---- | C] () -- C:\Program Files (x86)\APR2007_xinput_x64.cab
[2012/05/16 07:12:24 | 000,093,734 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XACT_x86.cab
[2012/05/16 07:12:24 | 000,093,686 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XACT_x86.cab
[2012/05/16 07:12:24 | 000,093,180 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XACT_x86.cab
[2012/05/16 07:12:24 | 000,093,128 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XACT_x86.cab
[2012/05/16 07:12:24 | 000,093,106 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XACT_x86.cab
[2012/05/16 07:12:24 | 000,092,996 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XACT_x86.cab
[2012/05/16 07:12:24 | 000,092,740 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XACT_x86.cab
[2012/05/16 07:12:24 | 000,092,684 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XACT_x86.cab
[2012/05/16 07:12:24 | 000,087,142 | ---- | C] () -- C:\Program Files (x86)\AUG2006_xinput_x64.cab
[2012/05/16 07:12:24 | 000,087,101 | ---- | C] () -- C:\Program Files (x86)\Apr2006_xinput_x64.cab
[2012/05/16 07:12:24 | 000,086,037 | ---- | C] () -- C:\Program Files (x86)\Oct2005_xinput_x64.cab
[2012/05/16 07:12:24 | 000,055,154 | ---- | C] () -- C:\Program Files (x86)\JUN2008_X3DAudio_x64.cab
[2012/05/16 07:12:24 | 000,055,058 | ---- | C] () -- C:\Program Files (x86)\Mar2008_X3DAudio_x64.cab
[2012/05/16 07:12:24 | 000,054,678 | ---- | C] () -- C:\Program Files (x86)\Feb2010_X3DAudio_x64.cab
[2012/05/16 07:12:24 | 000,054,600 | ---- | C] () -- C:\Program Files (x86)\Mar2009_X3DAudio_x64.cab
[2012/05/16 07:12:24 | 000,054,522 | ---- | C] () -- C:\Program Files (x86)\Nov2008_X3DAudio_x64.cab
[2012/05/16 07:12:24 | 000,053,302 | ---- | C] () -- C:\Program Files (x86)\APR2007_xinput_x86.cab
[2012/05/16 07:12:24 | 000,050,643 | ---- | C] () -- C:\Program Files (x86)\FoxCompat.ini
[2012/05/16 07:12:24 | 000,046,144 | ---- | C] () -- C:\Program Files (x86)\NOV2007_X3DAudio_x64.cab
[2012/05/16 07:12:24 | 000,046,058 | ---- | C] () -- C:\Program Files (x86)\AUG2006_xinput_x86.cab
[2012/05/16 07:12:24 | 000,046,010 | ---- | C] () -- C:\Program Files (x86)\Apr2006_xinput_x86.cab
[2012/05/16 07:12:24 | 000,045,359 | ---- | C] () -- C:\Program Files (x86)\Oct2005_xinput_x86.cab
[2012/05/16 07:12:24 | 000,044,624 | ---- | C] () -- C:\Program Files (x86)\dxdllreg_x86.cab
[2012/05/16 07:12:24 | 000,040,415 | ---- | C] () -- C:\Program Files (x86)\data1.hdr
[2012/05/16 07:12:24 | 000,038,710 | ---- | C] () -- C:\Program Files (x86)\PCConsole-FoxEngine.ini
[2012/05/16 07:12:24 | 000,032,045 | ---- | C] () -- C:\Program Files (x86)\PCConsole-FoxInput.ini
[2012/05/16 07:12:24 | 000,026,270 | ---- | C] () -- C:\Program Files (x86)\0x040c.ini
[2012/05/16 07:12:24 | 000,025,860 | ---- | C] () -- C:\Program Files (x86)\0x0407.ini
[2012/05/16 07:12:24 | 000,022,492 | ---- | C] () -- C:\Program Files (x86)\0x0409.ini
[2012/05/16 07:12:24 | 000,021,905 | ---- | C] () -- C:\Program Files (x86)\JUN2008_X3DAudio_x86.cab
[2012/05/16 07:12:24 | 000,021,867 | ---- | C] () -- C:\Program Files (x86)\Mar2008_X3DAudio_x86.cab
[2012/05/16 07:12:24 | 000,021,851 | ---- | C] () -- C:\Program Files (x86)\Nov2008_X3DAudio_x86.cab
[2012/05/16 07:12:24 | 000,021,298 | ---- | C] () -- C:\Program Files (x86)\Mar2009_X3DAudio_x86.cab
[2012/05/16 07:12:24 | 000,020,713 | ---- | C] () -- C:\Program Files (x86)\Feb2010_X3DAudio_x86.cab
[2012/05/16 07:12:24 | 000,018,496 | ---- | C] () -- C:\Program Files (x86)\NOV2007_X3DAudio_x86.cab
[2012/05/16 07:12:24 | 000,011,986 | ---- | C] () -- C:\Program Files (x86)\layout.bin
[2012/05/16 07:12:24 | 000,005,265 | ---- | C] () -- C:\Program Files (x86)\FoxHud.ini
[2012/05/16 07:12:24 | 000,002,884 | ---- | C] () -- C:\Program Files (x86)\setup.ini
[2012/05/16 07:12:24 | 000,000,512 | ---- | C] () -- C:\Program Files (x86)\data2.cab
[2012/05/16 07:12:24 | 000,000,154 | ---- | C] () -- C:\Program Files (x86)\local_version_cc.xml
[2012/05/16 07:12:23 | 000,227,165 | ---- | C] () -- C:\Program Files (x86)\setup.inx
[2012/05/16 07:12:23 | 000,226,250 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XAudio_x86.cab
[2012/05/16 07:12:23 | 000,212,807 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx10_00_x64.cab
[2012/05/16 07:12:23 | 000,198,096 | ---- | C] () -- C:\Program Files (x86)\AUG2007_XACT_x64.cab
[2012/05/16 07:12:23 | 000,197,283 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx10_43_x86.cab
[2012/05/16 07:12:23 | 000,197,122 | ---- | C] () -- C:\Program Files (x86)\JUN2007_XACT_x64.cab
[2012/05/16 07:12:23 | 000,196,762 | ---- | C] () -- C:\Program Files (x86)\NOV2007_XACT_x64.cab
[2012/05/16 07:12:23 | 000,195,766 | ---- | C] () -- C:\Program Files (x86)\APR2007_XACT_x64.cab
[2012/05/16 07:12:23 | 000,194,675 | ---- | C] () -- C:\Program Files (x86)\FEB2007_XACT_x64.cab
[2012/05/16 07:12:23 | 000,192,475 | ---- | C] () -- C:\Program Files (x86)\DEC2006_XACT_x64.cab
[2012/05/16 07:12:23 | 000,192,131 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx10_42_x86.cab
[2012/05/16 07:12:23 | 000,191,720 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx10_00_x86.cab
[2012/05/16 07:12:23 | 000,182,903 | ---- | C] () -- C:\Program Files (x86)\AUG2006_XACT_x64.cab
[2012/05/16 07:12:23 | 000,182,361 | ---- | C] () -- C:\Program Files (x86)\OCT2006_XACT_x64.cab
[2012/05/16 07:12:23 | 000,180,785 | ---- | C] () -- C:\Program Files (x86)\JUN2006_XACT_x64.cab
[2012/05/16 07:12:23 | 000,179,133 | ---- | C] () -- C:\Program Files (x86)\Apr2006_XACT_x64.cab
[2012/05/16 07:12:23 | 000,178,359 | ---- | C] () -- C:\Program Files (x86)\Feb2006_XACT_x64.cab
[2012/05/16 07:12:23 | 000,153,012 | ---- | C] () -- C:\Program Files (x86)\AUG2007_XACT_x86.cab
[2012/05/16 07:12:23 | 000,152,909 | ---- | C] () -- C:\Program Files (x86)\JUN2007_XACT_x86.cab
[2012/05/16 07:12:23 | 000,151,225 | ---- | C] () -- C:\Program Files (x86)\APR2007_XACT_x86.cab
[2012/05/16 07:12:23 | 000,148,264 | ---- | C] () -- C:\Program Files (x86)\NOV2007_XACT_x86.cab
[2012/05/16 07:12:23 | 000,147,983 | ---- | C] () -- C:\Program Files (x86)\FEB2007_XACT_x86.cab
[2012/05/16 07:12:23 | 000,145,599 | ---- | C] () -- C:\Program Files (x86)\DEC2006_XACT_x86.cab
[2012/05/16 07:12:23 | 000,138,205 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx11_43_x64.cab
[2012/05/16 07:12:23 | 000,138,017 | ---- | C] () -- C:\Program Files (x86)\OCT2006_XACT_x86.cab
[2012/05/16 07:12:23 | 000,137,235 | ---- | C] () -- C:\Program Files (x86)\AUG2006_XACT_x86.cab
[2012/05/16 07:12:23 | 000,136,301 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx11_42_x64.cab
[2012/05/16 07:12:23 | 000,133,671 | ---- | C] () -- C:\Program Files (x86)\JUN2006_XACT_x86.cab
[2012/05/16 07:12:23 | 000,133,103 | ---- | C] () -- C:\Program Files (x86)\Apr2006_XACT_x86.cab
[2012/05/16 07:12:23 | 000,132,409 | ---- | C] () -- C:\Program Files (x86)\Feb2006_XACT_x86.cab
[2012/05/16 07:12:23 | 000,125,892 | ---- | C] () -- C:\Program Files (x86)\config.bin
[2012/05/16 07:12:23 | 000,124,596 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XACT_x64.cab
[2012/05/16 07:12:23 | 000,122,446 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XACT_x64.cab
[2012/05/16 07:12:23 | 000,122,408 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XACT_x64.cab
[2012/05/16 07:12:23 | 000,122,336 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XACT_x64.cab
[2012/05/16 07:12:23 | 000,121,794 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XACT_x64.cab
[2012/05/16 07:12:23 | 000,121,772 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XACT_x64.cab
[2012/05/16 07:12:23 | 000,121,506 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XACT_x64.cab
[2012/05/16 07:12:22 | 000,278,060 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XAudio_x86.cab
[2012/05/16 07:12:22 | 000,277,338 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XAudio_x64.cab
[2012/05/16 07:12:22 | 000,277,191 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XAudio_x86.cab
[2012/05/16 07:12:22 | 000,276,960 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XAudio_x64.cab
[2012/05/16 07:12:22 | 000,275,044 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XAudio_x64.cab
[2012/05/16 07:12:22 | 000,273,960 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XAudio_x64.cab
[2012/05/16 07:12:22 | 000,273,264 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XAudio_x64.cab
[2012/05/16 07:12:22 | 000,273,018 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XAudio_x86.cab
[2012/05/16 07:12:22 | 000,272,642 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XAudio_x86.cab
[2012/05/16 07:12:22 | 000,272,611 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XAudio_x86.cab
[2012/05/16 07:12:22 | 000,271,412 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XAudio_x64.cab
[2012/05/16 07:12:22 | 000,271,038 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XAudio_x86.cab
[2012/05/16 07:12:22 | 000,269,628 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XAudio_x64.cab
[2012/05/16 07:12:22 | 000,269,024 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XAudio_x86.cab
[2012/05/16 07:12:22 | 000,251,194 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XAudio_x64.cab
[2012/05/16 07:12:22 | 000,235,955 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx10_43_x64.cab
[2012/05/16 07:12:22 | 000,232,635 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx10_42_x64.cab
[2012/05/16 07:12:20 | 000,803,884 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx10_36_x86.cab
[2012/05/16 07:12:20 | 000,802,113 | ---- | C] () -- C:\Program Files (x86)\data1.cab
[2012/05/16 07:12:20 | 000,796,867 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx10_35_x86.cab
[2012/05/16 07:12:20 | 000,768,036 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx9_43_x86.cab
[2012/05/16 07:12:20 | 000,762,188 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dcsx_43_x86.cab
[2012/05/16 07:12:20 | 000,752,783 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dcsx_43_x64.cab
[2012/05/16 07:12:20 | 000,728,456 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx9_42_x86.cab
[2012/05/16 07:12:20 | 000,699,044 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx10_34_x64.cab
[2012/05/16 07:12:20 | 000,698,612 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx10_33_x64.cab
[2012/05/16 07:12:20 | 000,698,472 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx10_34_x86.cab
[2012/05/16 07:12:20 | 000,695,865 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx10_33_x86.cab
[2012/05/16 07:12:19 | 000,852,286 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx10_35_x64.cab
[2012/05/16 07:12:19 | 000,849,919 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx10_38_x86.cab
[2012/05/16 07:12:19 | 000,849,167 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx10_39_x86.cab
[2012/05/16 07:12:19 | 000,844,884 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx10_37_x64.cab
[2012/05/16 07:12:19 | 000,818,260 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx10_37_x86.cab
[2012/05/16 07:12:18 | 001,550,796 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx9_40_x86.cab
[2012/05/16 07:12:18 | 001,464,672 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx9_39_x86.cab
[2012/05/16 07:12:18 | 001,463,878 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx9_38_x86.cab
[2012/05/16 07:12:18 | 001,443,282 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx9_37_x86.cab
[2012/05/16 07:12:18 | 001,412,902 | ---- | C] () -- C:\Program Files (x86)\OCT2006_d3dx9_31_x64.cab
[2012/05/16 07:12:18 | 001,397,830 | ---- | C] () -- C:\Program Files (x86)\Apr2006_d3dx9_30_x64.cab
[2012/05/16 07:12:18 | 001,362,796 | ---- | C] () -- C:\Program Files (x86)\Feb2006_d3dx9_29_x64.cab
[2012/05/16 07:12:18 | 001,357,976 | ---- | C] () -- C:\Program Files (x86)\Dec2005_d3dx9_28_x64.cab
[2012/05/16 07:12:18 | 001,350,542 | ---- | C] () -- C:\Program Files (x86)\Aug2005_d3dx9_27_x64.cab
[2012/05/16 07:12:18 | 001,347,354 | ---- | C] () -- C:\Program Files (x86)\Apr2005_d3dx9_25_x64.cab
[2012/05/16 07:12:18 | 001,336,002 | ---- | C] () -- C:\Program Files (x86)\Jun2005_d3dx9_26_x64.cab
[2012/05/16 07:12:18 | 001,247,499 | ---- | C] () -- C:\Program Files (x86)\Feb2005_d3dx9_24_x64.cab
[2012/05/16 07:12:18 | 001,127,217 | ---- | C] () -- C:\Program Files (x86)\OCT2006_d3dx9_31_x86.cab
[2012/05/16 07:12:18 | 001,115,221 | ---- | C] () -- C:\Program Files (x86)\Apr2006_d3dx9_30_x86.cab
[2012/05/16 07:12:18 | 001,084,720 | ---- | C] () -- C:\Program Files (x86)\Feb2006_d3dx9_29_x86.cab
[2012/05/16 07:12:18 | 001,079,456 | ---- | C] () -- C:\Program Files (x86)\Dec2005_d3dx9_28_x86.cab
[2012/05/16 07:12:18 | 001,078,962 | ---- | C] () -- C:\Program Files (x86)\Apr2005_d3dx9_25_x86.cab
[2012/05/16 07:12:18 | 001,077,644 | ---- | C] () -- C:\Program Files (x86)\Aug2005_d3dx9_27_x86.cab
[2012/05/16 07:12:18 | 001,067,160 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx10_41_x64.cab
[2012/05/16 07:12:18 | 001,064,925 | ---- | C] () -- C:\Program Files (x86)\Jun2005_d3dx9_26_x86.cab
[2012/05/16 07:12:18 | 001,040,745 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx10_41_x86.cab
[2012/05/16 07:12:18 | 001,013,225 | ---- | C] () -- C:\Program Files (x86)\Feb2005_d3dx9_24_x86.cab
[2012/05/16 07:12:18 | 000,994,154 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx10_40_x64.cab
[2012/05/16 07:12:18 | 000,965,421 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx10_40_x86.cab
[2012/05/16 07:12:18 | 000,944,460 | ---- | C] () -- C:\Program Files (x86)\Jun2010_D3DCompiler_43_x64.cab
[2012/05/16 07:12:18 | 000,937,246 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx9_43_x64.cab
[2012/05/16 07:12:18 | 000,931,471 | ---- | C] () -- C:\Program Files (x86)\Jun2010_D3DCompiler_43_x86.cab
[2012/05/16 07:12:18 | 000,930,116 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx9_42_x64.cab
[2012/05/16 07:12:18 | 000,919,044 | ---- | C] () -- C:\Program Files (x86)\Aug2009_D3DCompiler_42_x64.cab
[2012/05/16 07:12:18 | 000,916,430 | ---- | C] () -- C:\Program Files (x86)\Apr2006_MDX1_x86.cab
[2012/05/16 07:12:18 | 000,900,598 | ---- | C] () -- C:\Program Files (x86)\Aug2009_D3DCompiler_42_x86.cab
[2012/05/16 07:12:18 | 000,867,828 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx10_38_x64.cab
[2012/05/16 07:12:18 | 000,867,612 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx10_39_x64.cab
[2012/05/16 07:12:18 | 000,864,600 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx10_36_x64.cab
[2012/05/16 07:12:17 | 003,319,740 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dcsx_42_x86.cab
[2012/05/16 07:12:17 | 003,146,312 | ---- | C] () -- C:\Program Files (x86)\pbsvc_blr.exe
[2012/05/16 07:12:17 | 003,112,111 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dcsx_42_x64.cab
[2012/05/16 07:12:17 | 001,973,702 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx9_41_x64.cab
[2012/05/16 07:12:17 | 001,906,878 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx9_40_x64.cab
[2012/05/16 07:12:17 | 001,802,058 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx9_36_x64.cab
[2012/05/16 07:12:17 | 001,800,160 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx9_35_x64.cab
[2012/05/16 07:12:17 | 001,794,084 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx9_39_x64.cab
[2012/05/16 07:12:17 | 001,792,608 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx9_38_x64.cab
[2012/05/16 07:12:17 | 001,769,862 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx9_37_x64.cab
[2012/05/16 07:12:17 | 001,709,360 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx9_36_x86.cab
[2012/05/16 07:12:17 | 001,708,152 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx9_35_x86.cab
[2012/05/16 07:12:17 | 001,612,446 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx9_41_x86.cab
[2012/05/16 07:12:17 | 001,607,774 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx9_34_x64.cab
[2012/05/16 07:12:17 | 001,607,358 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx9_33_x64.cab
[2012/05/16 07:12:17 | 001,607,286 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx9_34_x86.cab
[2012/05/16 07:12:17 | 001,606,039 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx9_33_x86.cab
[2012/05/16 07:12:17 | 001,574,376 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx9_32_x86.cab
[2012/05/16 07:12:17 | 001,571,154 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx9_32_x64.cab
[2012/05/16 07:12:16 | 004,162,630 | ---- | C] () -- C:\Program Files (x86)\Apr2006_MDX1_x86_Archive.cab
[2012/05/16 07:12:14 | 008,525,240 | ---- | C] () -- C:\Program Files (x86)\Blacklight Retribution.exe
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/01/09 11:54:57 | 000,000,353 | ---- | C] () -- C:\Users\Domsfriend\AppData\Roaming\Network Meter_Settings.ini
[2011/11/10 18:09:28 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011/10/24 17:20:56 | 000,000,017 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/10/06 21:27:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011/08/08 21:47:40 | 000,000,009 | ---- | C] () -- C:\Windows\SysWow64\status.bin
[2011/05/19 09:05:09 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/04/12 18:56:55 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/10 17:47:14 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/02 19:13:56 | 000,024,273 | ---- | C] () -- C:\Users\Domsfriend\AppData\Roaming\UserTile.png
[2011/03/01 15:36:48 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/03/01 15:36:43 | 002,793,768 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/03/01 15:36:43 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/02/28 21:46:19 | 000,000,107 | ---- | C] () -- C:\Windows\VSWizard.ini
[2011/02/12 18:13:43 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011/02/12 18:13:43 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/02/12 18:13:40 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011/02/12 18:13:40 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011/02/12 18:09:51 | 000,034,960 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011/02/12 18:09:24 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/02/12 18:09:17 | 000,028,463 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

========== ZeroAccess Check ==========

[2009/07/14 16:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

========== LOP Check ==========

[2012/08/27 21:23:16 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\.minecraft
[2012/05/08 18:38:11 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\2K Sports
[2012/04/28 18:26:44 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Bioshock
[2012/04/01 13:21:22 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\bizarre creations
[2012/05/27 21:30:42 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Chief Architect Premier X3
[2011/08/29 18:36:46 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\DAEMON Tools Lite
[2011/04/04 19:47:13 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\DAEMON Tools Pro
[2012/09/17 18:47:00 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Fatshark
[2011/05/16 22:47:35 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Gadgets4Vista
[2011/08/17 18:53:57 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\GetRightToGo
[2011/08/29 17:57:11 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Lionhead Studios
[2012/03/04 18:04:56 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\MAXON
[2011/11/07 15:24:59 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Mount&Blade
[2011/09/28 16:43:14 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Mount&Blade Warband
[2011/05/08 18:18:22 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Mount&Blade With Fire and Sword
[2011/08/19 21:53:48 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\OpenCandy
[2011/08/25 18:30:25 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Opera
[2012/08/09 22:40:45 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Origin
[2011/08/30 22:00:33 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\PunkBuster
[2012/05/28 22:49:11 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/03/03 22:46:14 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Summitsoft
[2012/09/18 00:04:27 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\SystemRequirementsLab
[2011/10/29 21:08:49 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\TeamViewer
[2011/08/30 18:43:24 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\The Creative Assembly
[2012/08/22 16:32:45 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\TS3Client
[2011/08/19 18:18:53 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\ts3overlay
[2012/07/10 13:44:40 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\TuneUpMedia
[2011/12/10 12:48:34 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Tunngle
[2012/06/26 07:29:21 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\Ubisoft
[2012/09/20 10:05:56 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\uTorrent
[2012/09/06 06:37:25 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\xsecva
[2012/05/06 17:15:34 | 000,000,000 | ---D | M] -- C:\Users\Domsfriend\AppData\Roaming\YourFileDownloader

========== Purity Check ==========



< End of report >

Re: Computer Running Slowly

by Cypher » September 20th, 2012, 5:05 am

Hi knowlze,

  • Download FRST64 to a USB flash drive.
  • Plug the USB drive into the infected machine.

Boot your computer into Recovery Environment

  • Restart the computer and press F8 repeatedly until the Advanced Options Menu appears.
  • Select Repair your computer.
  • Select Language and click Next.
  • Enter password (if necessary) and click OK. You should now see the screen below ...

Image

  • Select the Command Prompt option.
  • A command window will open.
    • Type notepad then hit Enter.
    • Notepad will open.
      • Click File > Open then select Computer.
      • Note down the drive letter for your USB Drive.
      • Close Notepad.
  • Back in the command window ....
    • Type e:/frst64.exe and hit Enter (where e: is replaced by the drive letter for your USB drive)
    • FRST will start to run.
      • When the tool opens, click Yes to the disclaimer.
      • Press the Scan button.
      • When finished scanning, it will make a log, FRST.txt, on the flash drive.
  • Close the command window.
  • Boot back into normal mode and post me the FRST.txt log please.