Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Web browser stop constantly, and computer started crashing.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Web browser stop constantly, and computer started crashing.

Unread postby erabasa » February 9th, 2013, 11:55 pm

Before hand thank you for your help and time.

My computer web browser crash constantly; Internet explorer, Firefox, Google earth, etc. In addition I have noticed that some software that use graphics crash as well. Please help.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453
Run by Eduardo Dell at 19:47:08 on 2013-02-09
Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.1.1033.18.16375.13831 [GMT -8:00]
.
AV: Trend Micro Titanium Maximum Security *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Trend Micro Titanium Maximum Security *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k NetworkService
c:\Program Files (x86)\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\atieclxx.exe
C:\Program Files\Classic Shell\ClassicShellService.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k HsfXAudioService
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
C:\Program Files (x86)\Retrospect\Retrospect Express HD 2.5\retrorun.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\SysWOW64\WinMsgBalloonServer.exe
C:\WINDOWS\SysWOW64\WinMsgBalloonClient.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Stickies\stickies.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\ehome\ehRecvr.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
mStart Page = about:blank
uURLSearchHooks: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
uURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
mURLSearchHooks: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
mURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
mWinlogon: Userinit = userinit.exe,
BHO: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg32.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
TB: Ashampoo US Toolbar: {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
TB: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
TB: TrendMicro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [RamBooster] C:\Program Files (x86)\RamBooster 2.0\Rambooster.exe
uRun: [Google Update] "C:\Users\Eduardo Dell\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MusicManager] "C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\EDUARD~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\EDUARD~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Stickies.lnk - C:\Program Files (x86)\Stickies\stickies.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\IOMEGA~1.LNK - C:\Program Files (x86)\Iomega StorCenter\sohoclient.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\TRENDM~1.LNK - C:\Program Files\Trend Micro SafeSync\HrfsClient.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
IE: LastPass - C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - <orphaned>
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/Cl ... wsdc32.cab
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/ ... emLite.CAB
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4179BA03-2CB8-490B-A61A-71D1B2B5EA63} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A9133D78-A505-497A-9E48-57062F648F38} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg32.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg.dll
x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe64.dll
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Run: [RunDLLEntry_EptMon] C:\WINDOWS\System32\RunDLL32.exe C:\WINDOWS\System32\EptMon64.dll,RunDLLEntry EptMon64
x64-Run: [RunDLLEntry_THXCfg] C:\WINDOWS\System32\RunDLL32.exe C:\WINDOWS\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [IntelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg.dll
x64-Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - <orphaned>
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Eduardo Dell\AppData\Roaming\Mozilla\Firefox\Profiles\cq5fsiuh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Eduardo Dell\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
FF - plugin: C:\WINDOWS\SysWOW64\npDeployJava1.dll
FF - plugin: C:\WINDOWS\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\Drivers\PxHlpa64.sys [2010-12-23 55280]
R0 TMEBC;TMEBC;C:\WINDOWS\System32\Drivers\TMEBC64.sys [2012-11-16 46392]
R1 tmevtmgr;tmevtmgr;C:\WINDOWS\System32\Drivers\tmevtmgr.sys [2012-11-16 76672]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2010/12/23 20:00:09];C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2010-12-23 146928]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2012-10-12 239616]
R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-3-15 122880]
R2 AMDFusionSVC;AMD Fusion Utility Service;C:\Program Files (x86)\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe [2009-9-8 383544]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-11-16 310952]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2010-1-11 155648]
R2 HsfXAudioService;HsfXAudioService;C:\WINDOWS\System32\svchost.exe -k HsfXAudioService [2012-10-29 29696]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-9-13 229392]
R2 tmusa;Trend Micro Osprey Driver;C:\WINDOWS\System32\Drivers\tmusa.sys [2012-11-16 77112]
R3 CAXHWBS2;CAXHWBS2;C:\WINDOWS\System32\Drivers\CAXHWBS2.sys [2010-12-23 411136]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\WINDOWS\System32\Drivers\k57nd60a.sys [2012-6-2 425472]
R3 tmeevw;tmeevw;C:\WINDOWS\System32\Drivers\tmeevw.sys [2012-11-16 98104]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S0 tmel;tmel;C:\WINDOWS\System32\Drivers\tmel.sys [2012-11-16 34224]
S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-6-10 166384]
S3 ahcix64s;ahcix64s;C:\WINDOWS\System32\Drivers\ahcix64s.sys [2010-12-23 226616]
S3 CompFilter64;UVCCompositeFilter;C:\WINDOWS\System32\Drivers\lvbflt64.sys [2012-10-26 26784]
S3 LVRS64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\Drivers\lvrs64.sys [2012-10-26 351520]
S3 LVUVC64;@oem66.inf,%PID_0821_DD%(UVC);Logitech HD Pro Webcam C910(UVC);C:\WINDOWS\System32\Drivers\lvuvc64.sys [2012-10-26 4758176]
S3 OnlineStorageService;OnlineStorageService;C:\Program Files\Trend Micro SafeSync\hrfscore.exe [2012-8-2 7968056]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-6-10 1124848]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\Drivers\usbaapl64.sys [2012-9-28 53760]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]
S4 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-6-10 309744]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-02-08 20:08:52 -------- d-----w- C:\Users\Eduardo Dell\AppData\Roaming\stickies
2013-02-08 20:08:51 844 ----a-w- C:\WINDOWS\uninstallstickies.bat
2013-02-08 20:08:50 -------- d-----w- C:\Program Files (x86)\Stickies
2013-02-01 04:50:39 -------- d-----w- C:\Users\Eduardo Dell\AppData\Local\Programs
2013-01-31 05:24:54 210624 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10191.bin
2013-01-27 17:52:13 139264 ----a-w- C:\WINDOWS\SysWow64\gswin32c.exe
2013-01-27 17:52:12 438976 ----a-w- C:\WINDOWS\SysWow64\Mshflxgd.ocx
2013-01-27 17:52:12 244024 ----a-w- C:\WINDOWS\SysWow64\Msflxgrd.ocx
2013-01-27 17:52:10 -------- d--h--w- C:\ProgramData\QPOCRTemp
2013-01-27 17:52:08 -------- d-----w- C:\ProgramData\QuickPDF
2013-01-27 17:50:48 -------- d-----w- C:\Users\Eduardo Dell\AppData\Roaming\SomePDF
2013-01-27 17:50:41 -------- d-----w- C:\Program Files (x86)\SomePDF
2013-01-27 17:47:41 348160 ----a-w- C:\WINDOWS\SysWow64\MSVCR71.DLL
2013-01-27 17:47:40 499712 ----a-w- C:\WINDOWS\SysWow64\MSVCP71.DLL
2013-01-27 17:47:03 -------- d-----w- C:\Users\Eduardo Dell\AppData\Local\TempDIR
2013-01-25 07:21:16 -------- d-----w- C:\Program Files (x86)\Nightly
2013-01-19 18:10:50 196608 ----a-w- C:\WINDOWS\SysWow64\Utility.dll
2013-01-19 18:10:49 212240 ----a-w- C:\WINDOWS\SysWow64\Richtx32.ocx
2013-01-19 18:10:34 -------- d-----w- C:\WINDOWS\SysWow64\gs
2013-01-19 18:07:43 -------- d-----w- C:\Program Files (x86)\Free PDF Solutions
2013-01-19 05:46:34 -------- d-----w- C:\Program Files (x86)\MusicBee
2013-01-17 05:27:46 -------- d-----w- C:\Users\Eduardo Dell\AppData\Roaming\Canneverbe Limited
2013-01-17 05:27:46 -------- d-----w- C:\ProgramData\Canneverbe Limited
.
==================== Find3M ====================
.
2013-02-04 21:36:29 81248 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2013-02-04 21:36:29 693600 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2013-01-28 04:38:51 2560 ----a-w- C:\WINDOWS\_MSRSTRT.EXE
2012-12-19 14:45:35 234544 ----a-w- C:\WINDOWS\RegBootClean64.exe
2012-12-16 08:28:20 46080 ----a-w- C:\WINDOWS\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\WINDOWS\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll
2012-12-06 04:23:00 170496 ----a-w- C:\WINDOWS\System32\TimeBrokerServer.dll
2012-12-06 04:22:59 178176 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll
2012-12-04 04:21:42 368640 ----a-w- C:\WINDOWS\System32\sppwinob.dll
2012-12-04 03:59:08 4055552 ----a-w- C:\WINDOWS\System32\win32k.sys
2012-11-29 05:05:57 707584 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2012-11-29 05:05:57 1131520 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2012-11-28 04:21:17 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll
2012-11-27 07:00:32 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys
2012-11-27 07:00:29 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys
2012-11-27 06:59:13 329960 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
2012-11-27 06:39:46 1122768 ----a-w- C:\WINDOWS\System32\Taskmgr.exe
2012-11-27 04:49:20 1027152 ----a-w- C:\WINDOWS\SysWow64\Taskmgr.exe
2012-11-27 04:20:50 1048064 ----a-w- C:\WINDOWS\SysWow64\mstsc.exe
2012-11-27 04:20:42 179200 ----a-w- C:\WINDOWS\SysWow64\wpnapps.dll
2012-11-27 04:20:35 891904 ----a-w- C:\WINDOWS\SysWow64\winmde.dll
2012-11-27 04:20:31 798208 ----a-w- C:\WINDOWS\SysWow64\WebcamUi.dll
2012-11-27 04:20:29 46592 ----a-w- C:\WINDOWS\SysWow64\vds_ps.dll
2012-11-27 04:20:28 560128 ----a-w- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
2012-11-27 04:20:23 1217536 ----a-w- C:\WINDOWS\SysWow64\storagewmi.dll
2012-11-27 04:20:15 680960 ----a-w- C:\WINDOWS\System32\vds.exe
2012-11-27 04:20:07 702464 ----a-w- C:\WINDOWS\SysWow64\nshwfp.dll
2012-11-27 04:20:07 1123840 ----a-w- C:\WINDOWS\System32\mstsc.exe
2012-11-27 04:18:59 888832 ----a-w- C:\WINDOWS\System32\nshwfp.dll
2012-11-27 04:18:39 5974528 ----a-w- C:\WINDOWS\System32\mstscax.dll
2012-11-27 04:18:25 1146880 ----a-w- C:\WINDOWS\System32\mcmde.dll
2012-11-27 04:18:13 1071104 ----a-w- C:\WINDOWS\System32\IKEEXT.DLL
2012-11-27 04:18:06 378880 ----a-w- C:\WINDOWS\System32\FWPUCLNT.DLL
2012-11-27 04:17:32 718848 ----a-w- C:\WINDOWS\System32\BFE.DLL
2012-11-27 04:17:31 2302464 ----a-w- C:\WINDOWS\System32\authui.dll
2012-11-27 03:57:32 18432 ----a-w- C:\WINDOWS\System32\drivers\BtaMPM.sys
2012-11-27 03:56:29 31104 ----a-w- C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:44 29952 ----a-w- C:\WINDOWS\System32\drivers\BthhfHid.sys
2012-11-26 04:21:18 71168 ----a-w- C:\WINDOWS\SysWow64\ncryptsslp.dll
2012-11-26 04:20:09 86016 ----a-w- C:\WINDOWS\System32\ncryptsslp.dll
2012-11-20 08:00:23 6971624 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\WINDOWS\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\WINDOWS\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\WINDOWS\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\WINDOWS\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\WINDOWS\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\WINDOWS\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\WINDOWS\System32\drivers\hidi2c.sys
2012-11-17 00:50:14 59 ----a-w- C:\WINDOWS\System32\SupportTool.exe.bat
2012-11-15 06:08:41 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2012-11-13 04:20:30 1120768 ----a-w- C:\WINDOWS\System32\msctf.dll
2012-11-13 04:19:23 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
.
============= FINISH: 19:47:56.55 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Pro with Media Center
Boot Device: \Device\HarddiskVolume2
Install Date: 10/29/2012 6:18:01 AM
System Uptime: 2/9/2013 6:54:52 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0FF3FN
Processor: AMD Phenom(tm) II X6 1055T Processor | CPU 1 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1388 GiB total, 1140.649 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
L: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: DW1525 (802.11n) WLAN PCIe Card
Device ID: PCI\VEN_168C&DEV_002A&SUBSYS_0203168C&REV_01\4&3173CF85&0&0048
Manufacturer: Qualcomm Atheros Communications Inc.
Name: DW1525 (802.11n) WLAN PCIe Card
PNP Device ID: PCI\VEN_168C&DEV_002A&SUBSYS_0203168C&REV_01\4&3173CF85&0&0048
Service: athr
.
Class GUID:
Description: ATI TV Wonder 600 USB 2.0
Device ID: USB\VID_0438&PID_B002\660750000259
Manufacturer:
Name: ATI TV Wonder 600 USB 2.0
PNP Device ID: USB\VID_0438&PID_B002\660750000259
Service:
.
==== System Restore Points ===================
.
RP21: 1/21/2013 4:56:39 PM - Scheduled Checkpoint
RP22: 1/29/2013 10:51:04 PM - Scheduled Checkpoint
RP23: 2/5/2013 9:21:01 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.25 (x64 edition)
Ad-Aware Browsing Protection
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
Aiseesoft Blu-ray Copy 6.3.6
Amazon MP3 Downloader 1.0.15
AMD Fusion Media Explorer
AMD Fusion Utility for Desktops
AnyTrans 3.3.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AppTrans 1.1.0
Ashampoo Burning Studio 11 v.11.0.4
Ashampoo Internet Accelerator 3.20
Ashampoo Photo Optimizer 3 v.3.13
Ashampoo Undeleter v.1.1.0
Ashampoo US Toolbar
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
Bing Bar
Bonjour
Canon Easy-PhotoPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
CANON iMAGE GATEWAY MyCamera Download Plugin
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator EX 1.0
Canon MP970 series
Canon MP970 series User Registration
Canon My Image Garden
Canon My Image Garden Design Files
Canon My Printer
Canon Utilities Digital Photo Professional 3.10
Canon Utilities EOS Sample Music
Canon Utilities EOS Utility
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
Canon Utilities Movie Uploader for YouTube
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities Solution Menu
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CDBurnerXP
Cisco Connect
Classic Shell
Compatibility Pack for the 2007 Office system
Conexant D850 PCI V.92 Modem
CopyTrans Suite Remove Only
Dell Dock
Dell Driver Download Manager
Dell Edoc Viewer
Dell Support Center (Support Software)
DirectXInstallService
DW 1525 Driver Installation
EMCGadgets64
Free PDF Solutions PDF to WORD version 1.0
Google Chrome
Google Drive
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
HD Video Converter Factory Pro
iCare Data Recovery 5.0
Internet TV for Windows Media Center
Iomega Product Registration
Iomega StorCenter
iSEEK AnswerWorks English Runtime
iTunes
Junk Mail filter update
LastPass (uninstall only)
Lazesoft Data Recovery version 3.2 Professional Edition
Light Developer v7.1, build 12452
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Mouse and Keyboard Center
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Modem Diagnostic Tool
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
Music Manager
MusicBee 2.0
MyAshampoo Toolbar
Netflix in Windows Media Center
Netwaiting
Nightly 20.0a1 (x86 en-US)
Nitro Reader 2
Paint.NET v3.5.10
Pavtube Blu-ray Ripper Ver 4.1.3.4090
PhoneClean 1.4.0
PhoneTrans 2.0.0
PhoneTrans Pro 1.0.6
PIXMA Extended Survey Program
PrimoPDF -- brought to you by Nitro PDF Software
RAIDXpert
RamBooster
Realtek High Definition Audio Driver
Retrospect Express HD 2.5
Roxio Activation Module
Roxio CinePlayer Decoder Pack
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Premier
Roxio Creator Premier 10
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
ScanSoft OmniPage SE 4
Screen Recording Suite V2.4.8
SDFormatter
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skins
SoftSkin Photo Makeup 1.0
Some PDF to Txt Converter 2.0
Spotflux
Stickies 7.1e
swMSM
Trend Micro SafeSync
Trend Micro Titanium
Trend Micro Titanium Maximum Security
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VD64Inst
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
WinPcap 4.1.1
WinX HD Video Converter Deluxe 3.12.2
Zoner Photo Studio 14
ZyXEL PLA42xx Series Configuration
.
==== Event Viewer Messages From Past Week ========
.
2/9/2013 8:11:01 AM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.
2/9/2013 8:11:01 AM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
2/9/2013 6:56:23 PM, Error: Service Control Manager [7022] - The AMD Fusion Utility Service service hung on starting.
2/9/2013 6:45:38 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/9/2013 6:20:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SSDPSRV service.
2/9/2013 6:20:40 PM, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/9/2013 6:20:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.
2/9/2013 3:33:56 AM, Error: Service Control Manager [7031] - The Windows Store Service (WSService) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2/9/2013 3:33:56 AM, Error: Service Control Manager [7031] - The UPnP Device Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2/9/2013 3:33:56 AM, Error: Service Control Manager [7031] - The Time Broker service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2/9/2013 3:33:56 AM, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2/8/2013 1:00:22 PM, Error: Service Control Manager [7034] - The Trend Micro Solution Platform service terminated unexpectedly. It has done this 1 time(s).
2/5/2013 3:07:48 AM, Error: Service Control Manager [7034] - The Windows Store Service (WSService) service terminated unexpectedly. It has done this 3 time(s).
2/5/2013 3:07:48 AM, Error: Service Control Manager [7034] - The UPnP Device Host service terminated unexpectedly. It has done this 3 time(s).
2/5/2013 3:07:48 AM, Error: Service Control Manager [7034] - The Time Broker service terminated unexpectedly. It has done this 3 time(s).
2/5/2013 3:07:48 AM, Error: Service Control Manager [7034] - The SSDP Discovery service terminated unexpectedly. It has done this 3 time(s).
2/5/2013 3:02:03 AM, Error: Service Control Manager [7031] - The Windows Store Service (WSService) service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2/5/2013 3:02:03 AM, Error: Service Control Manager [7031] - The UPnP Device Host service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2/5/2013 3:02:03 AM, Error: Service Control Manager [7031] - The Time Broker service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2/5/2013 3:02:03 AM, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2/2/2013 3:04:24 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.
.
==== End Of File ===========================
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am
Advertisement
Register to Remove

Re: Web browser stop constantly, and computer started crashi

Unread postby nunped » February 10th, 2013, 7:22 pm

Hello erabasa, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems. I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easy as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights permissions for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!


Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Web browser stop constantly, and computer started crashi

Unread postby erabasa » February 10th, 2013, 8:35 pm

Thank you Nunped,
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am

Re: Web browser stop constantly, and computer started crashi

Unread postby nunped » February 11th, 2013, 4:19 pm

Hi erabasa,

You're welcome.

Step 1
Multiple Antivirus Programs
You are running more than 1 Antivirus program!
Trend Micro Titanium Maximum Security
Windows Defender
Running - more than one - antivirus program is not recommended because:
  1. They can conflict with each other.
  2. Report the other antivirus software as malicious.
  3. Antivirus programs use an enormous amount of computer's resources actively scanning your computer.
  4. Can cause your computer to run slowly, become unstable and crash.
I strongly suggest you uninstall one of them. Which one, is your decision.

Step 2 - Junkware Removal Tool Image
  1. Please download jrt.exe by thisisu and save it to your desktop. Alternate download here.
  2. Please temporarily disable your security/protection software as found here, to avoid potential conflicts.
  3. Right-click jrt.exe and select "Run as Administrator"
    The tool will open and start scanning your system. Please be patient, it can take a while depending on your system.
    On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  4. Please copy and paste the contents of JRT.txt and post in your next reply.

Step 3 - OTL
Please download OTL by Old Timer. Save it to your Desktop.
If you can't download the exe file, try these links:
http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr
  • Right-click OTL.exe (or OTL.com or OTL.scr) and select "Run as Administrator" to launch the program.
  • Click the Scan All Users checkbox.
    Leave the remaining selections to the default settings.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  • Please post the contents of both OTL.txt and Extras.txt files in your next reply.
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Web browser stop constantly, and computer started crashi

Unread postby erabasa » February 11th, 2013, 7:17 pm

jrt.exe Results:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 8 Pro with Media Center x64
Ran by Eduardo Dell on Mon 02/11/2013 at 15:09:27.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{624ebd88-df97-4810-a282-26286b8bf95f}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{8f61e414-ea79-4559-8bb6-61d956f70306}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup
Successfully deleted: [Registry Key] hkey_current_user\software\browsercompanion
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\igearsettings
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\toolbar
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2475029
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2481032
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{3bd44f0e-0596-4008-aee0-45d47e3a8f0e}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\anti-phishing domain advisor"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\appdata\local\babylon"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\appdata\local\blekkotb_031"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\appdata\local\tempdir"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\appdata\locallow\ashampoo_us"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Eduardo Dell\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\adawaretb"
Successfully deleted: [Folder] "C:\Program Files (x86)\ashampoo_us"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\myashampoo"
Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml"
Successfully deleted: [File] C:\Users\Eduardo Dell\AppData\Roaming\mozilla\firefox\profiles\cq5fsiuh.default\user.js
Successfully deleted: [File] C:\Users\Eduardo Dell\AppData\Roaming\mozilla\firefox\profiles\cq5fsiuh.default\searchplugins\conduit.xml
Successfully deleted: [Folder] C:\Users\Eduardo Dell\AppData\Roaming\mozilla\firefox\profiles\cq5fsiuh.default\conduitcommon
Successfully deleted: [Folder] C:\Users\Eduardo Dell\AppData\Roaming\mozilla\firefox\profiles\cq5fsiuh.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted the following from C:\Users\Eduardo Dell\AppData\Roaming\mozilla\firefox\profiles\cq5fsiuh.default\prefs.js

user_pref("CT2475029..clientLogIsEnabled", false);
user_pref("CT2475029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2475029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2475029.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2475029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2475029.BrowserCompStateIsOpen_129781019473889442", true);
user_pref("CT2475029.CT2475029", "CT2475029");
user_pref("CT2475029.CT2481020.CommunityChanged", true);
user_pref("CT2475029.CT2481020.alertChannelId", "874426");
user_pref("CT2475029.CT2481024.CommunityChanged", true);
user_pref("CT2475029.CT2481024.alertChannelId", "874430");
user_pref("CT2475029.CT2481025.CommunityChanged", true);
user_pref("CT2475029.CT2481025.alertChannelId", "874431");
user_pref("CT2475029.CT2481029.CommunityChanged", true);
user_pref("CT2475029.CT2481029.alertChannelId", "874435");
user_pref("CT2475029.CT2481031.CommunityChanged", true);
user_pref("CT2475029.CT2481031.alertChannelId", "874437");
user_pref("CT2475029.CT2481032.CommunityChanged", true);
user_pref("CT2475029.CT2481032.alertChannelId", "874438");
user_pref("CT2475029.CT2481033.CommunityChanged", true);
user_pref("CT2475029.CT2481033.alertChannelId", "874439");
user_pref("CT2475029.CT2481034.CommunityChanged", true);
user_pref("CT2475029.CT2481034.alertChannelId", "874440");
user_pref("CT2475029.CT2481035.CommunityChanged", true);
user_pref("CT2475029.CT2481035.alertChannelId", "874441");
user_pref("CT2475029.CT2481037.CommunityChanged", true);
user_pref("CT2475029.CT2481037.alertChannelId", "874443");
user_pref("CT2475029.CommunitiesChangesLastCheckTime", "Wed Sep 19 2012 20:07:44 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingRequest.ctp?type=ToolbarsInfo&ctids=CT2481020,CT2481024,CT2481025,CT2481029,CT24
user_pref("CT2475029.CommunityChanged", true);
user_pref("CT2475029.CurrentServerDate", "20-9-2012");
user_pref("CT2475029.DSInstall", true);
user_pref("CT2475029.DialogsAlignMode", "LTR");
user_pref("CT2475029.DialogsGetterLastCheckTime", "Sun Sep 16 2012 23:25:27 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.DownloadDomainsCheckInterval", "168");
user_pref("CT2475029.DownloadDomainsListLastCheckTime", "Wed Sep 19 2012 20:08:18 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.DownloadDomainsListLastServerUpdateTime", "1201069983");
user_pref("CT2475029.DownloadReferralCookieData", "");
user_pref("CT2475029.EMailNotifierPollDate", "Wed Sep 19 2012 20:07:44 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.FeedLastCount129133095456874337", 0);
user_pref("CT2475029.FeedPollDate129132307482029379", "Wed Sep 19 2012 20:07:46 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.FeedPollDate129132307482029381", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.FeedPollDate129132307482029382", "Wed Sep 19 2012 20:07:46 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.FeedPollDate129133095459686870", "Wed Sep 19 2012 20:07:46 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.FeedPollDate129133095459686871", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.FeedPollDate129137437659687146", "Wed Sep 19 2012 20:07:45 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.FeedPollDate129137437659687147", "Wed Sep 19 2012 20:07:45 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.FeedPollDate129137437659687148", "Wed Sep 19 2012 20:07:46 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.FirstServerDate", "17-9-2012");
user_pref("CT2475029.FirstTime", true);
user_pref("CT2475029.FirstTimeFF3", true);
user_pref("CT2475029.FirstTimeHiddenVer", true);
user_pref("CT2475029.FixPageNotFoundErrors", true);
user_pref("CT2475029.GroupingLastCheckTime", "Wed Sep 19 2012 06:06:31 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.GroupingLastErrorCode", "");
user_pref("CT2475029.GroupingLastResponse", true);
user_pref("CT2475029.GroupingLastServerUpdateTime", "129907203147070000");
user_pref("CT2475029.GroupingServerCheckInterval", 1440);
user_pref("CT2475029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2475029.HPInstall", true);
user_pref("CT2475029.HasUserGlobalKeys", true);
user_pref("CT2475029.HomePageProtectorEnabled", true);
user_pref("CT2475029.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2475029&SearchSource=13");
user_pref("CT2475029.Initialize", true);
user_pref("CT2475029.InitializeCommonPrefs", true);
user_pref("CT2475029.InstallationAndCookieDataSentCount", 3);
user_pref("CT2475029.InstallationType", "Unknown");
user_pref("CT2475029.InstalledDate", "Sun Sep 16 2012 23:25:29 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.InvalidateCache", false);
user_pref("CT2475029.IsAlertDBUpdated", true);
user_pref("CT2475029.IsGrouping", true);
user_pref("CT2475029.IsInitSetupIni", true);
user_pref("CT2475029.IsMulticommunity", true);
user_pref("CT2475029.IsOpenThankYouPage", true);
user_pref("CT2475029.IsOpenUninstallPage", true);
user_pref("CT2475029.IsProtectorsInit", true);
user_pref("CT2475029.LanguagePackLastCheckTime", "Wed Sep 19 2012 06:06:32 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2475029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2475029.LastLogin_3.15.1.0", "Wed Sep 19 2012 20:08:39 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.LatestVersion", "3.14.1.0");
user_pref("CT2475029.Locale", "en");
user_pref("CT2475029.MCDetectTooltipHeight", "83");
user_pref("CT2475029.MCDetectTooltipShow", true);
user_pref("CT2475029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2475029.MCDetectTooltipWidth", "295");
user_pref("CT2475029.MyStuffEnabledAtInstallation", true);
user_pref("CT2475029.OriginalFirstVersion", "3.15.1.0");
user_pref("CT2475029.RadioIsPodcast", false);
user_pref("CT2475029.RadioLastCheckTime", "Wed Sep 19 2012 06:06:34 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.RadioLastUpdateIPServer", "3");
user_pref("CT2475029.RadioLastUpdateServer", "129054397178370000");
user_pref("CT2475029.RadioMediaID", "13098944");
user_pref("CT2475029.RadioMediaType", "Media Player");
user_pref("CT2475029.RadioMenuSelectedID", "EBRadioMenu_CT247502913098944");
user_pref("CT2475029.RadioShrinkedFromSetup", false);
user_pref("CT2475029.RadioStationName", "Mellesleg%20-%20Rapp");
user_pref("CT2475029.RadioStationURL", "hxxp://195.228.254.168:8060/");
user_pref("CT2475029.SavedHomepage", "hxxps://www.google.com/");
user_pref("CT2475029.SearchCaption", "MyAshampoo Customized Web Search");
user_pref("CT2475029.SearchEngineBeforeUnload", "MyAshampoo Customized Web Search");
user_pref("CT2475029.SearchFromAddressBarIsInit", true);
user_pref("CT2475029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=2&q=");
user_pref("CT2475029.SearchInNewTabEnabled", true);
user_pref("CT2475029.SearchInNewTabIntervalMM", 1440);
user_pref("CT2475029.SearchInNewTabLastCheckTime", "Wed Sep 19 2012 06:06:31 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2475029.SearchProtectorEnabled", true);
user_pref("CT2475029.SearchProtectorToolbarDisabled", false);
user_pref("CT2475029.SendProtectorDataViaLogin", true);
user_pref("CT2475029.ServiceMapLastCheckTime", "Wed Sep 19 2012 06:06:31 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.SettingsLastCheckTime", "Wed Sep 19 2012 20:07:44 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.SettingsLastUpdate", "1347263642");
user_pref("CT2475029.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2475029&SearchSource=13");
user_pref("CT2475029.ThirdPartyComponentsLastCheck", "Wed Sep 19 2012 20:07:44 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.ToolbarShrinkedFromSetup", false);
user_pref("CT2475029.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2475029");
user_pref("CT2475029.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2475029.Uninstall", true);
user_pref("CT2475029.UserID", "UN78475029652341737");
user_pref("CT2475029.ValidationData_Toolbar", 2);
user_pref("CT2475029.WeatherNetwork", "");
user_pref("CT2475029.WeatherPollDate", "Wed Sep 19 2012 20:07:46 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.WeatherUnit", "F");
user_pref("CT2475029.alertChannelId", "868510");
user_pref("CT2475029.approveUntrustedApps", false);
user_pref("CT2475029.components.1000034", false);
user_pref("CT2475029.components.1000082", false);
user_pref("CT2475029.components.1000234", false);
user_pref("CT2475029.components.129464711670143239", false);
user_pref("CT2475029.components.129584873345514033", false);
user_pref("CT2475029.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2475029.globalFirstTimeInfoLastCheckTime", "Sun Sep 16 2012 23:25:28 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.homepageProtectorEnableByLogin", true);
user_pref("CT2475029.initDone", true);
user_pref("CT2475029.isAppTrackingManagerOn", false);
user_pref("CT2475029.isFirstRadioInstallation", false);
user_pref("CT2475029.myStuffEnabled", true);
user_pref("CT2475029.myStuffPublihserMinWidth", 400);
user_pref("CT2475029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2475029.myStuffServiceIntervalMM", 1440);
user_pref("CT2475029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2475029.navigateToUrlOnSearch", false);
user_pref("CT2475029.revertSettingsEnabled", false);
user_pref("CT2475029.searchProtectorDialogDelayInSec", 10);
user_pref("CT2475029.searchProtectorEnableByLogin", true);
user_pref("CT2475029.testingCtid", "");
user_pref("CT2475029.toolbarAppMetaDataLastCheckTime", "Wed Sep 19 2012 06:06:32 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.toolbarContextMenuLastCheckTime", "Sun Sep 16 2012 23:25:29 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2475029.usagesFlag", 2);
user_pref("CT2481032..clientLogIsEnabled", false);
user_pref("CT2481032..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2481032..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2481032.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2481032.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2481032.BrowserCompStateIsOpen_1000515", true);
user_pref("CT2481032.BrowserCompStateIsOpen_129469743936644511", true);
user_pref("CT2481032.BrowserCompStateIsOpen_129681724834737563", true);
user_pref("CT2481032.CT2481032", "CT2481032");
user_pref("CT2481032.CurrentServerDate", "14-6-2012");
user_pref("CT2481032.DSInstall", true);
user_pref("CT2481032.DialogsAlignMode", "LTR");
user_pref("CT2481032.DialogsGetterLastCheckTime", "Tue Jun 12 2012 21:05:57 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.DownloadReferralCookieData", "");
user_pref("CT2481032.EMailNotifierPollDate", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedLastCount129137415284993440", 160);
user_pref("CT2481032.FeedLastCount1470371090506316425", 1091);
user_pref("CT2481032.FeedPollDate128975107603475850", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate129104903994210185", "Tue May 22 2012 05:20:42 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate129125588542653211", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate129137415288118473", "Tue May 22 2012 05:20:42 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate129137415288118474", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate129137436798437243", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate129137436798437244", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate129137436798437245", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757377779301063", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757377961554609", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757377979947076", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757378132259586", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757378265651739", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757378449145277", "Tue May 22 2012 05:20:42 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757378705873295", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757378902522699", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757378968484097", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379044202234", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379219112080", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379310186023", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379320546978", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379400531926", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379497083274", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379497148810", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379497279882", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379644150784", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379646262407", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379767858421", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379797989042", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757379883299006", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380108070872", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380344955611", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380390189978", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380412472059", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380467866928", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380521772385", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380616362201", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380727291645", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380767393172", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757380868375745", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381043554700", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381080219037", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381151343676", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381247526121", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381247591657", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381372042911", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381453742514", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381520490197", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381582880127", "Tue May 22 2012 05:20:42 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381641974229", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381669771831", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381670861676", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381749396397", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381869347434", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381908324302", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381919420428", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381932420313", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381975368474", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381979169315", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedPollDate5609757381989950054", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.FeedTTL128975107603475850", 40);
user_pref("CT2481032.FeedTTL129104903994210185", 40);
user_pref("CT2481032.FeedTTL129125588542653211", 40);
user_pref("CT2481032.FeedTTL129137415288118473", 40);
user_pref("CT2481032.FeedTTL129137415288118474", 40);
user_pref("CT2481032.FeedTTL129137436798437243", 40);
user_pref("CT2481032.FeedTTL129137436798437244", 40);
user_pref("CT2481032.FeedTTL129137436798437245", 40);
user_pref("CT2481032.FeedTTL5609757377779301063", 15);
user_pref("CT2481032.FeedTTL5609757377979947076", 15);
user_pref("CT2481032.FeedTTL5609757378132259586", 10);
user_pref("CT2481032.FeedTTL5609757378265651739", 30);
user_pref("CT2481032.FeedTTL5609757378705873295", 15);
user_pref("CT2481032.FeedTTL5609757379310186023", 5);
user_pref("CT2481032.FeedTTL5609757379320546978", 2);
user_pref("CT2481032.FeedTTL5609757379400531926", 5);
user_pref("CT2481032.FeedTTL5609757380108070872", 5);
user_pref("CT2481032.FeedTTL5609757380412472059", 15);
user_pref("CT2481032.FeedTTL5609757380467866928", 2);
user_pref("CT2481032.FeedTTL5609757380727291645", 5);
user_pref("CT2481032.FeedTTL5609757380767393172", 1440);
user_pref("CT2481032.FeedTTL5609757381043554700", 2);
user_pref("CT2481032.FeedTTL5609757381247526121", 15);
user_pref("CT2481032.FeedTTL5609757381372042911", 60);
user_pref("CT2481032.FeedTTL5609757381453742514", 15);
user_pref("CT2481032.FeedTTL5609757381908324302", 30);
user_pref("CT2481032.FeedTTL5609757381932420313", 10);
user_pref("CT2481032.FeedTTL5609757381979169315", 15);
user_pref("CT2481032.FirstServerDate", "22-5-2012");
user_pref("CT2481032.FirstTime", true);
user_pref("CT2481032.FirstTimeFF3", true);
user_pref("CT2481032.FirstTimeHiddenVer", true);
user_pref("CT2481032.FixPageNotFoundErrors", false);
user_pref("CT2481032.GroupingServerCheckInterval", 1440);
user_pref("CT2481032.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2481032.HPInstall", true);
user_pref("CT2481032.HasUserGlobalKeys", true);
user_pref("CT2481032.HomePageProtectorEnabled", true);
user_pref("CT2481032.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=13");
user_pref("CT2481032.Initialize", true);
user_pref("CT2481032.InitializeCommonPrefs", true);
user_pref("CT2481032.InstallationAndCookieDataSentCount", 3);
user_pref("CT2481032.InstallationType", "Unknown");
user_pref("CT2481032.InstalledDate", "Tue May 22 2012 05:20:42 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.InvalidateCache", false);
user_pref("CT2481032.IsGrouping", false);
user_pref("CT2481032.IsInitSetupIni", true);
user_pref("CT2481032.IsMulticommunity", false);
user_pref("CT2481032.IsOpenThankYouPage", true);
user_pref("CT2481032.IsOpenUninstallPage", true);
user_pref("CT2481032.IsProtectorsInit", true);
user_pref("CT2481032.LanguagePackLastCheckTime", "Wed Jun 13 2012 21:33:53 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2481032.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2481032.LastLogin_3.13.0.6", "Wed Jun 13 2012 21:33:53 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.LatestVersion", "3.13.0.6");
user_pref("CT2481032.Locale", "en");
user_pref("CT2481032.MCDetectTooltipHeight", "83");
user_pref("CT2481032.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2481032.MCDetectTooltipWidth", "295");
user_pref("CT2481032.MyStuffEnabledAtInstallation", true);
user_pref("CT2481032.OriginalFirstVersion", "3.13.0.6");
user_pref("CT2481032.RadioIsPodcast", false);
user_pref("CT2481032.RadioLastCheckTime", "Tue May 22 2012 05:20:42 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.RadioLastUpdateIPServer", "3");
user_pref("CT2481032.RadioLastUpdateServer", "3");
user_pref("CT2481032.RadioMediaID", "9962");
user_pref("CT2481032.RadioMediaType", "Media Player");
user_pref("CT2481032.RadioMenuSelectedID", "EBRadioMenu_CT24810329962");
user_pref("CT2481032.RadioShrinkedFromSetup", false);
user_pref("CT2481032.RadioStationName", "California%20Rock");
user_pref("CT2481032.RadioStationURL", "hxxp://feedlive.net/california.asx");
user_pref("CT2481032.SavedHomepage", "google.com");
user_pref("CT2481032.SearchCaption", "Ashampoo US Customized Web Search");
user_pref("CT2481032.SearchEngineBeforeUnload", "Ashampoo US Customized Web Search");
user_pref("CT2481032.SearchFromAddressBarIsInit", true);
user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=");
user_pref("CT2481032.SearchInNewTabEnabled", true);
user_pref("CT2481032.SearchInNewTabIntervalMM", 1440);
user_pref("CT2481032.SearchInNewTabLastCheckTime", "Wed Jun 13 2012 21:33:53 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2481032.SearchProtectorEnabled", true);
user_pref("CT2481032.SearchProtectorToolbarDisabled", false);
user_pref("CT2481032.SendProtectorDataViaLogin", true);
user_pref("CT2481032.ServiceMapLastCheckTime", "Wed Jun 13 2012 21:33:53 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.SettingsLastCheckTime", "Wed Jun 13 2012 21:33:53 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.SettingsLastUpdate", "1337169810");
user_pref("CT2481032.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=13");
user_pref("CT2481032.ThirdPartyComponentsInterval", 504);
user_pref("CT2481032.ThirdPartyComponentsLastCheck", "Tue May 22 2012 05:20:41 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT2481032.ToolbarShrinkedFromSetup", false);
user_pref("CT2481032.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2481032");
user_pref("CT2481032.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2481032.UserID", "UN77640642130186753");
user_pref("CT2481032.WeatherNetwork", "");
user_pref("CT2481032.WeatherPollDate", "Tue May 22 2012 05:20:51 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.WeatherUnit", "F");
user_pref("CT2481032.alertChannelId", "874438");
user_pref("CT2481032.autoDisableScopes", 0);
user_pref("CT2481032.components.1000034", true);
user_pref("CT2481032.components.1000234", true);
user_pref("CT2481032.components.1000515", true);
user_pref("CT2481032.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2481032.globalFirstTimeInfoLastCheckTime", "Tue May 22 2012 05:20:41 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.homepageProtectorEnableByLogin", true);
user_pref("CT2481032.initDone", true);
user_pref("CT2481032.isAppTrackingManagerOn", true);
user_pref("CT2481032.isFirstRadioInstallation", false);
user_pref("CT2481032.myStuffEnabled", true);
user_pref("CT2481032.myStuffPublihserMinWidth", 400);
user_pref("CT2481032.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2481032.myStuffServiceIntervalMM", 1440);
user_pref("CT2481032.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2481032.navigateToUrlOnSearch", false);
user_pref("CT2481032.revertSettingsEnabled", false);
user_pref("CT2481032.searchProtectorDialogDelayInSec", 10);
user_pref("CT2481032.searchProtectorEnableByLogin", true);
user_pref("CT2481032.testingCtid", "");
user_pref("CT2481032.toolbarAppMetaDataLastCheckTime", "Wed Jun 13 2012 21:33:53 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.toolbarContextMenuLastCheckTime", "Tue May 22 2012 05:20:42 GMT-0700 (Pacific Daylight Time)");
user_pref("CT2481032.usagesFlag", 2);
user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=13,hxxp://search.conduit.com/?ctid=CT2475029&SearchSource=13");
user_pref("CommunityToolbar.ConduitSearchList", "Ashampoo US Customized Web Search,MyAshampoo Customized Web Search");
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2475029", "\"bb2a74f73abb51d84ae4c11bb3a540362\"");
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2481032", "\"e7298d67b2ce87f2caebeed48d239b791\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /864310/US", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /870236/US", "\"1-225870-85834800\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2475029", "\"1333628348\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2481032", "\"1323698884\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "G9mW7heT/8xIX1frcduu0A==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"8076e3ce381dcd1:151f\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.13.0.6", "\"4ead38b3e6bcd1:145a\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0e0a4327275cd1:151f\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2475029", "\"f1c77625c0e9bd1c80a2fd6901845fa9\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2481032", "\"d76323372b05c3748a3d6b1c93a98292\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"05b02c8b436781eb52a1cc128602004c\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"f9c50c3adcdf540ce724fe8e50cb73b5\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"b55532a023ad5151ef0e9a42fdea5427\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"73d601eddf875e9c741a79a9476de748\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"62631a5ea36bc4464cf6ed472113364e\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"1da121be7f00a0e67b8a2cf530fcd700\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"cf9da6281399ae6cafddd0b0f8328c32\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"a86701299dd49b372e7c51afd632f801\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"e9b7194a1b4d8860c950b6b5d9d0685f\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"d0fcc7770d647c7356c2625292d83860\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Eduardo Dell\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\cq5fsiuh.default\\conduitCommon\\modules\\3.15.1.0
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
user_pref("CommunityToolbar.ToolbarsList", "CT2481032,CT2475029");
user_pref("CommunityToolbar.ToolbarsList2", "CT2481032,CT2475029");
user_pref("CommunityToolbar.ToolbarsList4", "CT2481032,CT2475029");
user_pref("CommunityToolbar.globalUserId", "b3866711-378b-4ad0-9c7a-edbd777b4097");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2475029");
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Sep 16 2012 23:25:29 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.notifications.alertEnabled", true);
user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Sep 19 2012 20:07:57 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Sep 19 2012 06:06:32 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "c7144310-8518-4319-be0c-2e7f80f3face");
user_pref("CommunityToolbar.originalHomepage", "google.com");
user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Tue May 22 2012 05:20:44 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Wed Sep 19 2012 20:07:49 GMT-0700 (Pacific Daylight Time)");
user_pref("browser.search.defaultthis.engineName", "MyAshampoo Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}");
user_pref("browser.search.order.1", "Blekko");
user_pref("extensions.toolbar.mindspark._gcMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=4C11E6F7-FAED-4A8E-B2F3-90C076F0C459&n=77ee4108&ptnrS=XNman000");
user_pref("extensions.toolbar.mindspark._gcMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.installDate", "2012102920");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerId", "XNman000");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerSubId", "");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.toolbarId", "4C11E6F7-FAED-4A8E-B2F3-90C076F0C459");
user_pref("extensions.toolbar.mindspark._gcMembers_.lastActivePing", "1354487280693");
user_pref("extensions.toolbar.mindspark._gcMembers_.options.defaultSearch", false);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.homePageEnabled", false);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark._gcMembers_.weather.location", "90001");
user_pref("extensions.toolbar.mindspark.lastInstalled", "weatherblink@mindspark.com");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=2&q=");
Emptied folder: C:\Users\Eduardo Dell\AppData\Roaming\mozilla\firefox\profiles\cq5fsiuh.default\minidumps [67 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 02/11/2013 at 15:16:25.80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am

Re: Web browser stop constantly, and computer started crashi

Unread postby erabasa » February 11th, 2013, 7:32 pm

Due to text limitation, posting OTL.Txt:

OTL logfile created on: 2/11/2013 3:20:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eduardo Dell\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.99 Gb Total Physical Memory | 14.26 Gb Available Physical Memory | 89.17% Memory free
31.99 Gb Paging File | 29.93 Gb Available in Paging File | 93.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1387.65 Gb Total Space | 1127.09 Gb Free Space | 81.22% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: EDUARDODELL-PC | User Name: Eduardo Dell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/11 15:12:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eduardo Dell\Desktop\OTL.exe
PRC - [2013/02/09 02:16:03 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013/02/08 12:08:50 | 001,134,592 | ---- | M] (Zhorn Software) -- C:\Program Files (x86)\Stickies\stickies.exe
PRC - [2013/01/14 15:31:30 | 007,437,824 | ---- | M] (Google Inc.) -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
PRC - [2012/10/28 09:29:22 | 000,063,488 | ---- | M] (IvoSoft) -- C:\Program Files\Classic Shell\ClassicShellService.exe
PRC - [2011/10/13 16:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/01/11 10:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/12/29 14:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/09/08 10:48:24 | 000,383,544 | ---- | M] (Advanced Micro Devices) -- c:\Program Files (x86)\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe
PRC - [2009/05/21 06:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 06:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/03/15 22:47:28 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/03/15 22:47:24 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/03/15 22:47:22 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/03/15 22:47:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2008/12/11 11:04:58 | 000,111,896 | ---- | M] (EMC Corporation) -- C:\Program Files (x86)\Retrospect\Retrospect Express HD 2.5\retrorun.exe
PRC - [2007/04/13 07:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007/02/04 11:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/08 12:08:50 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Stickies\shook70.dll
MOD - [2013/01/14 15:19:36 | 000,344,064 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
MOD - [2013/01/14 15:19:22 | 000,231,936 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
MOD - [2013/01/14 15:18:54 | 000,253,440 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
MOD - [2013/01/14 15:18:44 | 000,117,248 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
MOD - [2013/01/10 12:01:44 | 000,026,624 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
MOD - [2013/01/10 12:01:26 | 010,683,392 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
MOD - [2013/01/10 12:01:24 | 001,681,408 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
MOD - [2013/01/10 12:01:22 | 007,741,952 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
MOD - [2013/01/10 12:01:20 | 002,248,192 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
MOD - [2012/07/25 07:54:01 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_49.dll
MOD - [2012/07/07 21:47:37 | 000,588,872 | ---- | M] () -- C:\Program Files (x86)\LastPass\LPToolbar.dll
MOD - [2012/07/07 21:47:35 | 005,571,656 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\LPPlugin.dll
MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/12/29 14:35:40 | 000,111,848 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD DX\CLFormatDetector.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2012/12/05 20:23:00 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012/12/05 20:22:59 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/11/13 04:05:48 | 007,968,056 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro SafeSync\hrfscore.exe -- (OnlineStorageService)
SRV:64bit: - [2012/11/05 20:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/11/05 20:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/10/28 09:29:22 | 000,063,488 | ---- | M] (IvoSoft) [Auto | Running] -- C:\Program Files\Classic Shell\ClassicShellService.exe -- (ClassicShellService)
SRV:64bit: - [2012/10/18 01:52:28 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/09/20 01:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/19 22:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/19 22:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/09/13 00:44:42 | 000,229,392 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2012/07/25 19:17:59 | 000,015,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2012/07/25 19:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/07/25 19:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 19:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 19:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 19:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 19:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2012/07/25 19:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 19:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 19:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 19:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/07/25 19:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 19:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 19:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 19:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 19:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 19:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2010/01/11 10:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2013/02/08 06:06:15 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/24 23:21:22 | 000,115,776 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/05 20:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 19:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2011/10/21 14:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 16:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/12/23 18:05:46 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/23 17:58:30 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/10/20 10:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/09/08 10:48:24 | 000,383,544 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- c:\Program Files (x86)\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe -- (AMDFusionSVC)
SRV - [2009/06/10 08:59:54 | 000,309,744 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2009/06/10 08:59:46 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2009/06/10 08:58:46 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/05/21 06:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2009/04/29 11:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/03/15 22:47:22 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2008/12/11 11:04:58 | 000,111,896 | ---- | M] (EMC Corporation) [Auto | Running] -- C:\Program Files (x86)\Retrospect\Retrospect Express HD 2.5\retrorun.exe -- (RetroExpLauncher)
SRV - [2007/04/13 07:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/11/26 23:00:32 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012/11/26 19:56:29 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2012/11/26 19:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 20:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 23:52:07 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2012/11/05 23:36:23 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2012/11/05 19:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/26 16:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/10/26 16:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/10/26 16:42:22 | 000,026,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2012/10/18 01:52:18 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/10/18 01:52:16 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/10/12 15:35:26 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/10/12 00:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/10 23:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/10 23:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/10/09 19:31:14 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/19 23:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012/09/19 23:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/19 23:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/19 23:55:29 | 000,028,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/09/19 23:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/19 23:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/19 23:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012/09/10 21:06:14 | 000,077,112 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\tmusa.sys -- (tmusa)
DRV:64bit: - [2012/08/25 05:16:16 | 000,098,104 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tmeevw.sys -- (tmeevw)
DRV:64bit: - [2012/08/24 05:07:14 | 000,046,392 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\TMEBC64.sys -- (TMEBC)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/26 20:18:20 | 000,034,224 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\tmel.sys -- (tmel)
DRV:64bit: - [2012/07/25 21:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 21:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 21:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 21:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 21:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 21:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 21:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012/07/25 21:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012/07/25 21:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 21:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 21:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 21:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 21:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 21:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 21:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 21:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 21:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 21:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 21:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 20:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 20:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 20:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 20:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2012/07/25 20:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2012/07/25 19:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 18:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 18:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 18:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 18:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 18:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 18:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 18:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 18:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 18:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 18:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 18:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 18:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 18:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 18:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 18:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 18:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 18:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 18:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012/07/25 18:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012/07/25 18:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 18:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012/07/25 18:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012/07/25 18:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 18:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 18:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/12 02:29:40 | 000,106,000 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2012/07/12 02:29:26 | 000,076,672 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2012/07/12 02:29:04 | 000,173,504 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2012/06/02 06:31:37 | 000,425,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2012/06/02 06:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/08/10 15:40:58 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2010/01/28 22:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/10/20 10:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/08/24 06:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/07/14 11:35:40 | 000,226,616 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/04/29 11:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/02/13 14:21:20 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2009/02/13 14:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009/02/12 22:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2006/06/18 06:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2012/06/04 23:37:22 | 000,256,904 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\tmcomm.sys -- (tmcomm)
DRV - [2009/12/29 14:35:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/12/23 20:00:09] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{FB14FF5D-9313-49BB-B1D8-B64569201FB7}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{5D9ADB55-1A07-4CD3-80FF-1E95087CB236}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 07 29 E9 61 7D CD 01 [binary data]
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes,DefaultScope = {DC1D185C-C15B-4FB0-9101-41F631E8A0E3}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{137AFD03-D4F6-40D9-9742-8C942BB430EC}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{714CA69F-6531-490C-BACC-7FC7521EB826}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481032
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{DC1D185C-C15B-4FB0-9101-41F631E8A0E3}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.0
FF - prefs.js..extensions.enabledAddons: %7B87934c42-161d-45bc-8cef-ef18abe2a30c%7D:2.2
FF - prefs.js..extensions.enabledAddons: %7B22181a4d-af90-4ca3-a569-faed9118d6bc%7D:6.0.0.1285
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
FF - prefs.js..extensions.enabledAddons: tmbepff-7.5%40trendmicro.com:7.5.0.1125
FF - prefs.js..extensions.enabledAddons: %7B21541D23-FDA1-4bf3-8AF2-8F623BF70B07%7D:1.0.0.1194
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Eduardo Dell\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Eduardo Dell\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tmbepff-7.5@trendmicro.com: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1125\7.5.1125\FIREFOXEXTENSION [2013/02/09 01:29:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/11/18 08:13:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gcffxtbr@WeatherBlink.com: C:\Program Files (x86)\WeatherBlink\bar\2.bin [2012/10/31 21:49:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com: C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1125\7.5.1125\firefoxextension [2013/02/09 01:29:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2012/11/16 16:50:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}: C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\ [2013/02/09 01:30:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/02 18:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/02 18:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/02 18:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/02 18:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 20.0a1\extensions\\Components: C:\Program Files (x86)\Nightly\components [2013/01/24 23:21:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 20.0a1\extensions\\Plugins: C:\Program Files (x86)\Nightly\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Nightly 20.0a1\extensions\\Components: C:\Program Files (x86)\Nightly\components [2013/01/24 23:21:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Nightly 20.0a1\extensions\\Plugins: C:\Program Files (x86)\Nightly\plugins

[2012/03/11 13:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eduardo Dell\AppData\Roaming\mozilla\Extensions
[2013/02/11 15:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eduardo Dell\AppData\Roaming\mozilla\Firefox\Profiles\cq5fsiuh.default\extensions
[2013/01/24 06:16:24 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Eduardo Dell\AppData\Roaming\mozilla\Firefox\Profiles\cq5fsiuh.default\extensions\firefox@ghostery.com
[2012/07/07 21:47:37 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Eduardo Dell\AppData\Roaming\mozilla\Firefox\Profiles\cq5fsiuh.default\extensions\support@lastpass.com
[2012/12/02 18:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/02/09 01:29:04 | 000,000,000 | ---D | M] (Trend Micro BEP Firefox Extension) -- C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1125\7.5.1125\FIREFOXEXTENSION
[2013/02/09 01:30:12 | 000,000,000 | ---D | M] (Trend Micro Osprey Firefox Extension) -- C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20013\FXEXT\FIREFOXEXTENSION
[2012/11/16 16:50:24 | 000,000,000 | ---D | M] (Trend Micro Toolbar) -- C:\PROGRAM FILES\TREND MICRO\TITANIUM\UIFRAMEWORK\TOOLBAR\FIREFOXEXTENSION
File not found (No name found) -- C:\USERS\EDUARDO DELL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CQ5FSIUH.DEFAULT\EXTENSIONS\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
[2012/11/29 00:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/26 22:00:30 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/11/29 00:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/29 00:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - Extension: BIODIGITAL HUMAN = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: Beatlab = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk\1.0.1_0\
CHR - Extension: Speech Recognizer = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjekmpappghadlogpigifkghlmebjk\4.1.1_0\
CHR - Extension: Radios de Guatemala = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbeemmocjmifdbcfnppdjbjahoedgakc\1.2_0\
CHR - Extension: WOT = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.8_0\
CHR - Extension: TED = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhngmopjabffcomehdlajegigjjlaahk\1.0.1_0\
CHR - Extension: Rotten Netflix = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bididflonamappcfophnbijljnfagepj\0.2_1\
CHR - Extension: YouTube = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: TrendMicro BEP Extension = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1125_0\
CHR - Extension: Human Body = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccmcdjbdhohdkneafoniplilibgkljhn\1.2_0\
CHR - Extension: Human Body = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccmcdjbdhohdkneafoniplilibgkljhn\1.2_0\.bak
CHR - Extension: BrainPOP Featured Movie = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdikkckjinnmjpgkjjpnfmmbcpbhmklf\2.0_0\
CHR - Extension: ShopLocket = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjaibgdfaifnnjollpannioonpleckpj\0.0.0.1_0\
CHR - Extension: Google Search = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Netflix = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
CHR - Extension: UK TV Online = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egbckljaejiomnicmghbdbogcebgniie\1.3_0\
CHR - Extension: HD Pc Tv = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egecimncaacafcibloejnpokeilfboak\3.7.3_0\
CHR - Extension: World Map for Kids Personalized Poster = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eidbdcpbipebmgonphogofblmpmloadg\0.0.0.1_0\
CHR - Extension: Tonematrix = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\enpfehkomaakbncdddjkoffacajcglha\1.1_0\
CHR - Extension: Pandora = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: Best Apps = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekkkgddoohlaojggcdmihoeahbnlomf\1.0.1.1_0\
CHR - Extension: PorkyStuff.com = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafflpnadcahmfalcbfhandilfcpekho\1.0.1_0\
CHR - Extension: LastPass = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: TrendMicro Toolbar = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\6.0.0.1285_0\
CHR - Extension: Flixster = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
CHR - Extension: TiltShiftMaker = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo\1.3.3_0\
CHR - Extension: NPR Infinite Player = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf\2.1_0\
CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
CHR - Extension: Bing wallpaper for Google homepage. = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ignkobhlkpgjcpkfgfohhdgdaldfaoni\7.6_0\
CHR - Extension: iCheckNetflixPlus = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeinanillnkehhekcipjggepagfdkpjb\2.2.1_0\
CHR - Extension: iCheckNetflixPlus = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeinanillnkehhekcipjggepagfdkpjb\2.2.1_0\~
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: HBO HD TV = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmmhpcjedfmfknlfkbhdfpnngkodijac\2_0\
CHR - Extension: Televisi\u00F3n = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnjpfpkhjdpikghojaeaochddcpcnnco\1.0.0_0\
CHR - Extension: Google Voice (by Google) = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.8_0\
CHR - Extension: Free Indian Movies = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgppgknapmhhioekdlkaikjooknjhpik\2_0\
CHR - Extension: eedu elements preview = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\liailpokmdneicpokkodminaehgjegdg\0.0.0.5_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\2.0.3_0\
CHR - Extension: Television = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpnclogcjhhhbcacafchckiceeoanbg\1.0_0\
CHR - Extension: Doctor Games = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncmifihpgjpgpepbfghibedgidhaljj\1.6_0\
CHR - Extension: Doctor Games = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncmifihpgjpgpepbfghibedgidhaljj\1.6_0\.bak
CHR - Extension: Google Maps = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Download iPad Movies = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfodikaemekielioedhemalpdbopbmih\1.0_0\
CHR - Extension: Mint = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhgffcfekbglhpcdjkhhjekhdnddkflg\1.5_0\
CHR - Extension: PBS Kids PLAY! = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkmpnidbgboeiebfgmoibgjhopampkj\1.0.3_0\
CHR - Extension: Google Mail Checker = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Discovery Science HD TV = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nepbifpeifkefpcpmaimcdbdemegnnck\2_0\
CHR - Extension: Animal Planet TV = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nigfekheclmacnjajdhhbfpblipehpij\2_0\
CHR - Extension: KinoPad - kids' image search pad - = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nomahcgnmcfoonfmpddopfiimaljobjj\0.0.0.2_0\
CHR - Extension: Picasa = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: DOGOnews = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcolnnhmiknpeonnnmoadeficjagocgf\1.0.1.3_0\
CHR - Extension: M TV -::- Hindi Music = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdoikfedgdnlleiojlgkhdjjfdaghjni\2_0\
CHR - Extension: Red Leaf Beauty = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfdejdelallhijjifafnnbihagdhfgaj\1.2_0\
CHR - Extension: Viewster - Watch Free Movies Online = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh\1.8_0\
CHR - Extension: iFly Magazine = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pheaefjlcgkfojojchnmpablebfhjknn\1.0_0\
CHR - Extension: Best Online Tv = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pindfhfglefcpndghchinlpajoelobbo\1.0.8_0\
CHR - Extension: Gmail = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Online TV Canada = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdgeipomealafcgcohepedmpmcnipim\2.3_0\

O1 HOSTS File: ([2012/07/25 21:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe64.dll (Trend Micro Inc.)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O3 - HKLM\..\Toolbar: (TrendMicro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\WINDOWS\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\WINDOWS\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000..\Run: [MusicManager] C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000..\Run: [RamBooster] C:\Program Files (x86)\RamBooster 2.0\Rambooster.exe (J.Pajula)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O7 - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: LastPass - file://C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/Cl ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB (Reg Error: Key error.)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/ ... emLite.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4179BA03-2CB8-490B-A61A-71D1B2B5EA63}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9133D78-A505-497A-9E48-57062F648F38}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb - No CLSID value found
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/11 15:12:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Eduardo Dell\Desktop\OTL.exe
[2013/02/11 15:09:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/02/11 15:08:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013/02/11 14:50:30 | 000,547,275 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Eduardo Dell\Desktop\JRT.exe
[2013/02/08 12:08:52 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\stickies
[2013/02/08 12:08:50 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stickies
[2013/02/08 12:08:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stickies
[2013/02/02 18:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro SafeSync
[2013/01/31 20:50:47 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
[2013/01/31 20:50:39 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Local\Programs
[2013/01/27 19:29:54 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\Documents\Curriculum-Vitae-PSD
[2013/01/27 09:52:12 | 000,438,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Mshflxgd.ocx
[2013/01/27 09:52:12 | 000,244,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Msflxgrd.ocx
[2013/01/27 09:52:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\QPOCRTemp
[2013/01/27 09:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\QuickPDF
[2013/01/27 09:50:48 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\SomePDF
[2013/01/27 09:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SomePDF
[2013/01/27 09:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SomePDF
[2013/01/24 23:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nightly
[2013/01/19 10:10:50 | 000,196,608 | ---- | C] (QuickPDFtoWord) -- C:\WINDOWS\SysWow64\Utility.dll
[2013/01/19 10:10:49 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Richtx32.ocx
[2013/01/19 10:10:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\gs
[2013/01/19 10:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF Solutions
[2013/01/19 10:07:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free PDF Solutions
[2013/01/18 21:46:34 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
[2013/01/18 21:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee
[2013/01/18 21:46:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicBee
[2013/01/16 21:27:46 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\Canneverbe Limited
[2013/01/16 21:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013/01/16 21:27:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2012/03/17 22:57:32 | 000,089,680 | ---- | C] (Microsoft Corporation) -- C:\Users\Eduardo Dell\MSSSerif120.fon

========== Files - Modified Within 30 Days ==========

[2013/02/11 15:21:06 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/11 15:14:10 | 000,020,531 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Computer 1.GIF
[2013/02/11 15:12:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eduardo Dell\Desktop\OTL.exe
[2013/02/11 15:06:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/11 14:55:00 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2768428122-3267476443-1308564694-1000UA.job
[2013/02/11 14:50:30 | 000,547,275 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Eduardo Dell\Desktop\JRT.exe
[2013/02/11 09:50:08 | 000,852,298 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/02/11 09:50:08 | 000,721,080 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/02/11 09:50:08 | 000,133,386 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/02/11 02:21:00 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/10 20:55:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2768428122-3267476443-1308564694-1000Core.job
[2013/02/10 15:59:04 | 402,653,184 | -HS- | M] () -- C:\swapfile.sys
[2013/02/10 15:43:43 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/09 18:55:05 | 851,636,221 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/09 18:55:05 | 744,609,618 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013/02/09 18:28:27 | 000,001,160 | ---- | M] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/09 01:27:57 | 005,020,880 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/02/08 12:08:51 | 000,000,844 | ---- | M] () -- C:\WINDOWS\uninstallstickies.bat
[2013/02/08 12:08:50 | 000,001,067 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2013/02/06 21:30:36 | 000,074,881 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\https___secure.bankofamerica.pdf
[2013/02/04 13:36:29 | 000,693,600 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013/02/04 13:36:29 | 000,081,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013/02/03 23:42:21 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/02/02 18:15:38 | 000,001,868 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Trend Micro SafeSync.lnk
[2013/01/27 20:49:36 | 000,000,588 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Finance and Accounting Resume Tips Monster.website
[2013/01/27 20:42:51 | 000,000,585 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Accounting Jobs, Careers, Recruitment & Courses in Australia.website
[2013/01/27 20:42:46 | 000,000,456 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Resume Writing Tips by Ann Baehr.website
[2013/01/27 20:42:42 | 000,000,611 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Accountant General-Chartered-CPA Resumes @ CountingJobs.com.au.website
[2013/01/27 20:42:37 | 000,000,489 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Controller Sample Resume 5 AccountingJobsToday.website
[2013/01/27 20:38:51 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE
[2013/01/27 09:51:24 | 000,000,193 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2013/01/27 09:50:45 | 000,001,387 | ---- | M] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Some PDF to Txt Converter.lnk
[2013/01/27 09:40:47 | 002,219,654 | ---- | M] () -- C:\Users\Eduardo Dell\Documents\IMG_NEW.pdf
[2013/01/19 10:27:40 | 134,364,856 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\transunion 96-12.rtf
[2013/01/19 10:26:57 | 077,611,469 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\experian 9-6-12.rtf
[2013/01/19 10:22:37 | 422,433,744 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\equifax 1-2-2013.rtf
[2013/01/19 09:22:47 | 000,175,537 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\experian Score.pdf
[2013/01/19 09:21:53 | 000,138,709 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\equifax Score 1-2-13.pdf
[2013/01/19 09:19:13 | 001,514,085 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\equifax 1-2-2013.pdf
[2013/01/19 08:08:56 | 000,527,991 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\transunion 96-12.pdf
[2013/01/19 08:03:14 | 001,202,397 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\experian 9-6-12.pdf
[2013/01/18 21:20:18 | 000,264,796 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\eduardo-rabasa_equestrian-visions-xtreme-1.pdf
[2013/01/16 21:27:40 | 000,001,971 | ---- | M] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk
[2013/01/15 01:00:05 | 000,002,378 | ---- | M] () -- C:\Users\Eduardo Dell\Documents\cc_20130115_010002.reg
[2013/01/15 00:59:50 | 000,034,152 | ---- | M] () -- C:\Users\Eduardo Dell\Documents\cc_20130115_005946.reg

========== Files Created - No Company Name ==========

[2013/02/11 15:14:10 | 000,020,531 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Computer 1.GIF
[2013/02/09 01:27:35 | 005,020,880 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/02/09 01:27:32 | 744,609,618 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2013/02/08 12:08:51 | 000,000,844 | ---- | C] () -- C:\WINDOWS\uninstallstickies.bat
[2013/02/08 12:08:50 | 000,001,067 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2013/02/06 21:30:36 | 000,074,881 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\https___secure.bankofamerica.pdf
[2013/01/31 20:50:28 | 000,000,966 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2768428122-3267476443-1308564694-1000UA.job
[2013/01/31 20:50:27 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2768428122-3267476443-1308564694-1000Core.job
[2013/01/27 19:54:53 | 000,000,588 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Finance and Accounting Resume Tips Monster.website
[2013/01/27 19:52:46 | 000,000,585 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Accounting Jobs, Careers, Recruitment & Courses in Australia.website
[2013/01/27 19:37:07 | 000,000,611 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Accountant General-Chartered-CPA Resumes @ CountingJobs.com.au.website
[2013/01/27 19:36:08 | 000,000,489 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Controller Sample Resume 5 AccountingJobsToday.website
[2013/01/27 19:06:08 | 000,000,456 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Resume Writing Tips by Ann Baehr.website
[2013/01/27 09:52:13 | 000,139,264 | ---- | C] () -- C:\WINDOWS\SysWow64\gswin32c.exe
[2013/01/27 09:51:22 | 000,000,193 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2013/01/27 09:50:45 | 000,001,387 | ---- | C] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Some PDF to Txt Converter.lnk
[2013/01/27 09:40:47 | 002,219,654 | ---- | C] () -- C:\Users\Eduardo Dell\Documents\IMG_NEW.pdf
[2013/01/19 10:27:35 | 134,364,856 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\transunion 96-12.rtf
[2013/01/19 10:26:51 | 077,611,469 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\experian 9-6-12.rtf
[2013/01/19 10:14:57 | 422,433,744 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\equifax 1-2-2013.rtf
[2013/01/19 10:10:49 | 000,051,604 | ---- | C] () -- C:\WINDOWS\SysWow64\Adist5k.ppd
[2013/01/19 09:22:46 | 000,175,537 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\experian Score.pdf
[2013/01/19 09:21:52 | 000,138,709 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\equifax Score 1-2-13.pdf
[2013/01/19 08:35:14 | 001,514,085 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\equifax 1-2-2013.pdf
[2013/01/19 08:08:56 | 000,527,991 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\transunion 96-12.pdf
[2013/01/19 08:03:13 | 001,202,397 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\experian 9-6-12.pdf
[2013/01/18 21:20:17 | 000,264,796 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\eduardo-rabasa_equestrian-visions-xtreme-1.pdf
[2013/01/16 21:27:40 | 000,001,971 | ---- | C] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk
[2013/01/16 21:27:40 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013/01/15 01:00:03 | 000,002,378 | ---- | C] () -- C:\Users\Eduardo Dell\Documents\cc_20130115_010002.reg
[2013/01/15 00:59:48 | 000,034,152 | ---- | C] () -- C:\Users\Eduardo Dell\Documents\cc_20130115_005946.reg
[2013/01/14 05:48:15 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/15 09:43:17 | 000,000,167 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Roaming\PLGComp.ini
[2012/12/02 11:04:52 | 000,234,544 | ---- | C] () -- C:\WINDOWS\RegBootClean64.exe
[2012/11/16 18:30:32 | 000,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2012/10/29 19:21:02 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012/10/29 18:36:25 | 000,007,666 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\resmon.resmoncfg
[2012/10/28 23:40:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/10/26 16:42:24 | 000,336,232 | ---- | C] () -- C:\WINDOWS\SysWow64\DevManagerCore.dll
[2012/10/26 16:42:22 | 010,919,784 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPP.dll
[2012/10/26 16:42:22 | 000,103,272 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPPApp.exe
[2012/10/25 20:57:05 | 000,000,424 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2012/10/12 02:32:24 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2012/10/12 02:32:22 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2012/10/12 02:32:18 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2012/09/30 21:50:22 | 000,020,458 | ---- | C] () -- C:\Users\Eduardo Dell\MUSEM4DJ.GIF
[2012/08/20 21:09:29 | 000,758,650 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/08/02 17:47:29 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/07/26 00:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012/07/26 00:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012/07/25 23:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/25 17:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012/07/25 12:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/07/25 12:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012/07/15 21:51:56 | 000,003,584 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/08 09:17:57 | 000,191,470 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\census.cache
[2012/07/08 09:17:45 | 000,141,140 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\ars.cache
[2012/07/08 09:07:55 | 000,000,036 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\housecall.guid.cache
[2012/06/13 20:10:38 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2012/06/09 07:44:20 | 000,000,080 | RHS- | C] () -- C:\WINDOWS\SysWow64\3A7994E54F.dll
[2012/06/02 06:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/05/20 06:40:37 | 000,170,112 | -H-- | C] () -- C:\WINDOWS\SysWow64\mlfcache.dat
[2012/04/26 05:28:44 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\SysWow64\WebCamLib.dll
[2012/04/05 19:37:11 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2012/03/17 06:18:18 | 000,000,000 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/11/05 20:19:27 | 019,789,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/11/05 20:20:00 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 19:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 19:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 19:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am

Re: Web browser stop constantly, and computer started crashi

Unread postby erabasa » February 11th, 2013, 7:34 pm

And now, Extras.txt:

OTL Extras logfile created on: 2/11/2013 3:20:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eduardo Dell\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.99 Gb Total Physical Memory | 14.26 Gb Available Physical Memory | 89.17% Memory free
31.99 Gb Paging File | 29.93 Gb Available in Paging File | 93.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1387.65 Gb Total Space | 1127.09 Gb Free Space | 81.22% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: EDUARDODELL-PC | User Name: Eduardo Dell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F3F1CC1-D0A2-468A-90BA-9E131FD77187}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2BF83103-6AD4-4ABF-ACF1-882142C63B9E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31B90ED5-2311-429B-AD61-D564AFA9BFA1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{33D6A8FE-EEAD-4A5B-9FBE-273A281403B9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41E51887-94FC-4D39-86AF-AF41C3C65332}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{566F8033-DF8F-4232-ACB3-1145BD2BFB0B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5DC695CB-6D3A-403D-9114-AD003D71A101}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{798FD128-0A67-4664-9E31-68AF021ED6FB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8CD460F6-45C9-465F-9350-503CD6608D2F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9D40D947-577B-450A-9056-EE2F716BD23F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A4312E39-56F5-48DF-9574-C636D68B2238}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C047AFAF-CDDF-4996-8860-F4E1C98ABED7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D5B4EAA8-6EE3-46AF-927B-495FE8467EC0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F5BA07DA-DD8E-4EC0-94BA-D30EEABE9856}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040F20E2-A527-434A-A6E7-B21A7D23DB35}" = dir=out | name=stumbleupon |
"{0AFED9B0-9304-4C3F-94B1-5BC91389AC43}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0D4C8A81-5D6F-4D85-8255-5D711165F7D0}" = dir=out | name=currency converter |
"{0EC95CBD-74F3-4B22-AC11-FDDDB22255AE}" = dir=out | name=dictionary.com – dictionary & thesaurus |
"{0F0FE429-FB23-48D1-AA34-4926C20D9201}" = dir=out | name=khan academy |
"{10B991D5-DFD7-436B-8BAD-AE8325659843}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1179C6F0-7518-40C7-B6E5-9532B6168CCF}" = dir=out | name=bbc news mobile |
"{1D8E86E9-502F-4209-82FC-A0412F7D2F1D}" = dir=out | name=shazam |
"{20B8B257-838E-487A-8602-7383766649C7}" = dir=in | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.88_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/resources/app-name} |
"{212949C9-A3B9-4856-B544-B37CD5AC1F8E}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{25D3FD16-BE4E-4677-B75B-D30EF87A1303}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{283B91F0-9E4E-4CDC-B40C-BCF24077C880}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2AE4AD20-A874-44DB-9244-D4ADB306C1F5}" = dir=out | name=tedtalks hd |
"{2C33B277-0CC1-43F2-8FE0-9C5884295A49}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{2C67B6BA-7D36-40AC-B252-6AA343A976BA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{2DB94670-B7FC-436E-94BD-1C547AB6F23F}" = dir=out | name=lastpass |
"{2E1394B1-4093-4DF4-AC49-03F077232EAC}" = dir=out | name=fox business |
"{3315B42F-3AF3-4396-8028-DA3314D955B1}" = dir=out | name=news bento |
"{343108FB-AEEA-4892-ACDC-3A1F456322B0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39D4DC1B-62F2-4EAE-ACC0-7532CBB16D62}" = protocol=6 | dir=out | app=system |
"{3D3100C5-F03B-4234-B6B1-453F70A672B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{42C75B87-6207-45BD-848D-0193161259CC}" = dir=out | name=my history digest |
"{4B080460-6C31-42BC-94BE-28870A72C19E}" = protocol=6 | dir=in | app=c:\program files (x86)\iomega storcenter\sohoclient.exe |
"{4B38A1EB-09FB-441C-8200-514F25B6712C}" = dir=out | name=@{filmonlivetvfree.livetv_1.3.6.57_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.livetv/resources/app-name} |
"{4D1D74D9-C13B-4468-A040-05DE072B8FA7}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{4D483E34-29C3-4434-B303-FDAB85612A61}" = dir=out | name=piano8 |
"{505CA7B7-167D-4328-92A4-AA18DE201DA9}" = dir=out | name=google search |
"{5475AC23-E64C-4C32-9505-FA6E4614563C}" = dir=out | name=g maps |
"{5CB382B1-0D11-4179-995F-81C05CA6C1E7}" = dir=out | name=uvideos |
"{5E065D80-4C0A-47E2-8A9B-F3C0AC53945E}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{644849ED-C20C-4898-93E6-0B99450D63AF}" = dir=out | name=@{14c78905.trendmicrosafeguard_6.0.0.2185_neutral__y1xsffnhj35f6?ms-resource://14c78905.trendmicrosafeguard/resources/productname} |
"{6A97F122-D893-49A2-8A4B-9E6A2E601BFF}" = dir=out | name=usa today |
"{71293BD7-C30A-4ED6-A859-D038485D8647}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{74DD8DAC-5C2E-478F-A42E-D2F0AF97F02E}" = dir=out | name=vimeo |
"{74F5997E-3171-4945-9B2A-4057C456805B}" = dir=out | name=howstuffworks |
"{78FB0A4B-08F3-4F00-9357-76FAFBE8F6F9}" = dir=out | name=mushroom age |
"{7A1B57B0-2C51-4EB1-88C2-6414B6011126}" = dir=in | name=@{filmonlivetvfree.livetv_1.3.6.57_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.livetv/resources/app-name} |
"{7B589C7C-96BF-4F54-AE34-2341B40A001F}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{8771D0EF-6F5C-40C2-9120-1C444B4D5544}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{888FCDFA-0B23-45EC-B58F-CDA2C3BDCB0F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{892613DD-6377-4E56-A9E2-52354947A70A}" = dir=out | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.88_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/resources/app-name} |
"{91CA0AB0-D637-4DC5-8A51-C6F5F1D23A10}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{9567C6F6-76BA-4A1F-932F-35157303A54F}" = dir=out | name=radio soma |
"{9D85A76D-0E4E-419B-BB27-28630729C548}" = dir=in | name=lyrics |
"{9DC222E5-29FE-40E4-B50F-26564C04F23E}" = dir=in | name=@{14c78905.trendmicrosafeguard_6.0.0.2185_neutral__y1xsffnhj35f6?ms-resource://14c78905.trendmicrosafeguard/resources/productname} |
"{9E51B74E-C844-4BE0-B6DB-5371B657FB44}" = dir=out | name=youvue |
"{9FBD13EE-59CD-4D22-8209-406080F764AA}" = dir=out | name=backgrounds wallpapers hd |
"{A385FCC9-EE78-4D28-A85D-854572D36734}" = dir=out | name=scientific calculator pro |
"{A389D8E5-BF57-4B4A-A29B-CD8C86935958}" = dir=out | name=popular science |
"{A79E2146-7E23-477D-B5D4-37B864CC63D2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{A8EC7F11-B448-4E82-A3B0-C46D24F34C71}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{ABEA58A4-2F36-44B6-A0EA-8CA62E6332A7}" = dir=in | name=multimedia 8 |
"{AE0A46E4-36A1-45A7-AA42-5F953D35591A}" = dir=out | name=fhotoroom |
"{B353A35D-A372-4C95-9B64-59E53B4118D7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B3AF71B5-22A0-4AC1-A63D-5AFC2EACC7DA}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{B84D1854-1891-42FB-98A4-299C23E64BB4}" = dir=out | name=lyrics |
"{BBDFAEDC-1D7A-4197-81C0-4C73C2113526}" = dir=in | name=currency converter |
"{BD889C88-214A-495C-B70A-FA066C3ACCEF}" = dir=out | name=@{31026mc2.memonica-windows8tipstricks_1.0.0.11_neutral__fxfta2ss2hbe6?ms-resource://31026mc2.memonica-windows8tipstricks/resources/appname} |
"{C066D16C-8607-48A0-B905-929524708FD9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{C2967C29-4239-4125-8C91-AF5583158481}" = dir=in | name=music maker jam |
"{CBA9EFBE-6B27-4FB8-9676-8EDE88C77AF1}" = dir=out | name=music maker jam |
"{CBFC73AE-5EE5-4171-8A3B-1D0B24E93E0C}" = dir=out | name=fresh paint |
"{CF944B35-44C5-4689-A4A6-03CB6C0822D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1423D35-4628-4DF4-8EDE-49F7CB51CA02}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2ADFDA0-72A4-42CF-B15D-616F01271F35}" = dir=out | name=bank of america |
"{D3784D6E-2BDE-420D-8D9A-043EBEAC149A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DC00035B-9707-4C94-B14B-12FA84F1995E}" = dir=out | name=photomatic |
"{DD2ABA5E-DB26-4099-A6C9-4562681191DA}" = dir=out | name=naturespace: relax meditate escape sleep |
"{DDED19BE-1D13-433C-96BC-82B27A0A6286}" = dir=out | name=kayak flights & hotels |
"{DDED307E-06D3-4CE6-9274-7476B6DB1991}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E10899B7-F03B-4D6E-844B-3E5F80A2E8CF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E194C309-738D-4E63-903D-A4372D8EE1E2}" = dir=out | name=cognitive kids |
"{E3442ECB-28E4-47AB-9187-7F499D665D32}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4D471DB-3D55-4C1F-8313-9724C9EF4C46}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E9B1DE03-2E25-43BE-A648-589A15071B8B}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{EA93804C-2F73-4282-A98D-992DB25E1CB7}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{EADF23FF-8FC2-434F-9DBD-1092E144E25C}" = dir=out | name=wikipedia |
"{EE2F4315-B974-49E2-871D-438E2DCD31F2}" = dir=out | name=facebook friends |
"{EE4E5F89-5E1E-44B6-A6E5-FC04FD78F7B2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F042294D-BDE5-4291-9C3B-4BB607D8C102}" = dir=out | name=gmaps |
"{F5109504-EE5E-4953-90C6-5E23A1C9FE8A}" = dir=out | name=multimedia 8 |
"{F677A07B-65F8-44FB-963E-F32E4C38D947}" = dir=out | name=wordweb |
"{F67E74CD-AD09-443E-BE23-CB463762D306}" = dir=out | name=netflix |
"{F7A59556-D3AE-4BAA-9602-3394E214DB76}" = protocol=17 | dir=in | app=c:\program files (x86)\iomega storcenter\sohoclient.exe |
"{FFD030CE-5C99-4724-8167-BBCB50C0590F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FFE9EF61-8CAB-46B1-8AE1-EF2CFEB77BEA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FFF3E437-4A04-420C-807E-D5D913BD296B}" = dir=out | name=@{14c78905.trendmicromalwaremap_6.0.0.2184_neutral__y1xsffnhj35f6?ms-resource://14c78905.trendmicromalwaremap/resources/productname} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{0335701D-8E28-4A7F-B0EF-312974755BB2}" = Modem Diagnostic Tool
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series" = Canon MP970 series
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0925-000001000000}" = 7-Zip 9.25 (x64 edition)
"{2A51F4EA-AC2C-4715-A55A-8042E27EF65D}" = ZyXEL PLA42xx Series Configuration
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62B883AB-AC37-9127-56D0-2C3FC0AFC724}" = ccc-utility64
"{6554CC56-48CD-3F9E-5A71-CCB04DA6B4BC}" = ATI Catalyst Install Manager
"{66E2237E-2E10-48A2-B8D3-2092B8BA8484}" = Classic Shell
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7A30C6E4-056F-3B4D-DD0D-36EBEF03417F}" = ATI AVIVO64 Codecs
"{7AB6F8D7-7804-4662-BE8C-1AFCCD602D9F}" = Microsoft Mouse and Keyboard Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Maximum Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C30BB9AD-F9E4-4506-B416-57C03702998D}" = Nitro Reader 2
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_HSF" = Conexant D850 PCI V.92 Modem
"HFRS_is1" = Trend Micro SafeSync
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"ZonerPhotoStudio14_EN_is1" = Zoner Photo Studio 14

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{097E59B5-CCAB-46B6-6A0B-EDF2CA595C84}" = CCC Help French
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1C7DA16A-255C-4E65-9BBB-0445FA9A036D}" = Spotflux
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FD2E976-6FCF-493C-979C-B99AAAF4081A}}_is1" = PhoneTrans Pro 1.0.6
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25FAEDD1-3733-86F7-55F5-D7AEAF2D93B0}" = CCC Help Danish
"{280DF415-F2C2-122F-CC52-AA7EAECF3E14}" = CCC Help Czech
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2D943F95-2C76-4951-9AEF-0977AF5DE11A}" = AMD Fusion Media Explorer
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32773B3E-45CA-5CA3-0A6A-E3FF592B3AD3}" = Catalyst Control Center Graphics Previews Vista
"{36CEA188-3DFA-6391-4774-C92D4B092407}" = Skins
"{3CE715EB-457A-4C92-A907-0895AC264F75}_is1" = Pavtube Blu-ray Ripper Ver 4.1.3.4090
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Netwaiting
"{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"{451517F1-7E41-400B-AA36-FB7E2563526D}" = DW 1525 Driver Installation
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{46D936B9-DE22-983C-341C-968C3E122CF8}" = CCC Help Dutch
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{480C0D1B-C42A-FD87-F404-A54D9B1C619C}" = CCC Help Hungarian
"{481AB4A0-BB71-F2D9-E155-89F0D773FE9E}" = Catalyst Control Center Localization All
"{53447D64-FD9C-B3B9-25B3-47292EE10EBF}" = CCC Help Japanese
"{56158912-D481-DE3A-298C-E13B24E3A87C}" = Catalyst Control Center Graphics Full New
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6262B40D-FAA5-5CCF-6DE3-9FAFB6C7DC89}" = Catalyst Control Center Graphics Previews Common
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64997420-9AFE-289E-1B7A-E2C59937D973}" = CCC Help Portuguese
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBC8D43-AA08-8FCD-EDA6-EED2342A4FF0}" = CCC Help Turkish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72E5E3F5-5BE3-BA64-49A6-4FA26EF69721}" = Catalyst Control Center InstallProxy
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{749FCBB7-D313-CCCA-E2CF-7850A019311F}" = CCC Help Finnish
"{74CC9A1B-4A3D-AEEC-3ED6-71F7B42A5EFE}" = CCC Help Chinese Traditional
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A21C722-F259-4976-B7AA-6658E5FDEDAF}" = Google Drive
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}" = AMD Fusion Utility for Desktops
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8BBCF476-7566-9129-F7C0-619087484138}" = CCC Help Norwegian
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FF50F43-7BB0-4BF4-C67F-F9BF254AC278}" = CCC Help Spanish
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}" = Iomega Product Registration
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9DD96558-0E0C-8563-E00D-C970155C5503}" = CCC Help German
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A24AAF6D-3EDB-43da-89BE-1A95D5CFA672}_is1" = Aiseesoft Blu-ray Copy 6.3.6
"{A5355F15-F98B-4704-9BAE-E53B9FE48F48}" = SDFormatter
"{A58E067E-2C66-B40A-AF7A-4A82307E671C}" = CCC Help Thai
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA43D433-3DE8-F2CA-1728-4BA962D9FAE4}" = CCC Help Chinese Standard
"{AD17B1DD-9342-F787-92EC-E93441042A23}" = CCC Help English
"{ADE3CACC-EC31-480C-83A0-587EE60CE8DF}" = RamBooster
"{AF1D271B-B122-1707-6707-9E29A96082D2}" = CCC Help Polish
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BB2CB14A-F3A3-4BBF-9111-EBC82049ABA6}" = Roxio Creator Premier
"{BCC57687-98A2-4C4C-B0F8-BC6B6F52D4E3}" = Retrospect Express HD 2.5
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEE0F537-96FA-8F84-FB5E-570EE86F636A}" = Catalyst Control Center Core Implementation
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CDD450A5-9F2E-1D61-5FEB-DDD30E985D23}" = CCC Help Korean
"{CF5C7154-98F4-4D44-A58C-8BC19751CCCC}" = Roxio Creator Premier 10
"{D5BAE960-8312-3EB3-A116-3F5926A1E7B7}" = Catalyst Control Center Graphics Full Existing
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E4382E64-1EB5-09D2-5D29-FEBB46A6F340}" = CCC Help Italian
"{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1" = AnyTrans 3.3.0
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1" = PhoneClean 1.4.0
"{E9E8E4CC-8274-3831-7103-10B2AD73588C}" = CCC Help Russian
"{EA100873-8DD1-4505-2D61-9666569B54B6}" = Catalyst Control Center Graphics Light
"{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1" = Screen Recording Suite V2.4.8
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0B50B3A-0C1F-43D8-BE90-70241B473114}}_is1" = PhoneTrans 2.0.0
"{F0B50B3A-0C1F-43D8-BE9A-70ADFB473114}}_is1" = AppTrans 1.1.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26A0379-5852-CA4C-0BF6-662AC274A3D8}" = CCC Help Swedish
"{F8C87E78-B318-C156-F8B0-427F6D3FC443}" = CCC Help Greek
"{FF527B68-2D1D-B15B-0FFC-8BF8487AD194}" = ccc-core-static
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.15
"Ashampoo Burning Studio 11_is1" = Ashampoo Burning Studio 11 v.11.0.4
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20
"Ashampoo Photo Optimizer 3_is1" = Ashampoo Photo Optimizer 3 v.3.13
"Ashampoo Undeleter_is1" = Ashampoo Undeleter v.1.1.0
"Ashampoo_US Toolbar" = Ashampoo US Toolbar
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon MP970 series User Registration" = Canon MP970 series User Registration
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Cisco Connect" = Cisco Connect
"Dell Dock" = Dell Dock
"DPP" = Canon Utilities Digital Photo Professional 3.10
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"EOS Sample Music" = Canon Utilities EOS Sample Music
"EOS Utility" = Canon Utilities EOS Utility
"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
"Free PDF Solutions PDF to WORD_is1" = Free PDF Solutions PDF to WORD version 1.0
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HDVideoConverterFactoryPro" = HD Video Converter Factory Pro
"iCare Data Recovery_is1" = iCare Data Recovery 5.0
"InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"Iomega StorCenter" = Iomega StorCenter
"LastPass" = LastPass (uninstall only)
"Light Developer_is1" = Light Developer v7.1, build 12452
"LS-815EE836-7F81-47A9-8C3F-123C58F89CAE_is1" = Lazesoft Data Recovery version 3.2 Professional Edition
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MusicBee" = MusicBee 2.0
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"Nightly 20.0a1 (x86 en-US)" = Nightly 20.0a1 (x86 en-US)
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"SoftSkin Photo Makeup_is1" = SoftSkin Photo Makeup 1.0
"Some PDF to Txt Converter_is1" = Some PDF to Txt Converter 2.0
"STANDARDR" = Microsoft Office Standard 2007
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinX HD Video Converter Deluxe_is1" = WinX HD Video Converter Deluxe 3.12.2
"ZhornStickies" = Stickies 7.1e
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bd4d3a0508d364f5" = Dell Driver Download Manager
"CopyTrans Suite" = CopyTrans Suite Remove Only
"MusicManager" = Music Manager

< End of report >
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am

Re: Web browser stop constantly, and computer started crashi

Unread postby nunped » February 12th, 2013, 5:01 pm

Hi erabasa,

We need to perform a reset of Google Chrome, and the only way to do it is to reinstall it:

Step 1 - Reinstall Chrome
  1. From the top or bottom right corner a widget panel appears, select Settings.
  2. Select, click Control Panel to open.
  3. Depending on your current view setting
    • Double click on Programs and Features.
      or
    • Under Programs, click on Uninstall a program.
  4. Locate the following program(s):
    Ashampoo US Toolbar
    Google Chrome
    MyAshampoo Toolbar
  5. Select the program and click on [b]Uninstall to uninstall it.
    Carefully read any prompts...
    Some uninstallers prompt in a way to trick you into keeping the program, sometimes, preventing them from being uninstalled again!
  6. Repeat steps 4 - 5 for each program in the list. When finished... Close the Control Panel window.

You can reinstall Chrome from: https://www.google.com/intl/en/chrome/browser/

Step 2 - OTL fix
  • Right click OTL.exe and select "Run as Administrator" to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:commands
[createrestorepoint]

:OTL
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor= {searchTerms}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor= {searchTerms}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{714CA69F-6531-490C-BACC-7FC7521EB826}: "URL" = http://search.conduit.com/ResultsExt.aspx?q= {searchTerms}&SearchSource=4&ctid=CT2481032
O3 - HKLM\..\Toolbar: (no name) - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - No CLSID value found.
@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:0B4227B4

:commands
[emptytemp]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Step 3 - SystemLook
Please download SystemLook from the link below and save it to your Desktop.
Download Mirror #1
  • Double-click [b]SystemLook.exe to run it.
  • Copy and paste the contents of the following codebox into the main textfield:
    Code: Select all
    :filefind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *babylon*
    
    :folderfind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *babylon*
    
    :Regfind
    Fun4IM
    Bandoo
    Searchnu
    Searchqu
    iLivid
    whitesmoke
    datamngr
    kelkoopartners
    trolltech
    babylon
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan.
  • Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Web browser stop constantly, and computer started crashi

Unread postby erabasa » February 13th, 2013, 2:25 am

Otl fix log:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ not found.
Registry key HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ not found.
Registry key HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{714CA69F-6531-490C-BACC-7FC7521EB826}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{714CA69F-6531-490C-BACC-7FC7521EB826}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{f20de5e0-2a6e-4c54-985f-1cf59551ce39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f20de5e0-2a6e-4c54-985f-1cf59551ce39}\ not found.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Eduardo Dell
->Temp folder emptied: 10617898 bytes
->Temporary Internet Files folder emptied: 289511185 bytes
->Java cache emptied: 53506 bytes
->FireFox cache emptied: 137480104 bytes
->Google Chrome cache emptied: 6867246 bytes
->Flash cache emptied: 5930 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 187050 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 299057 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 757 bytes
RecycleBin emptied: 1203270352 bytes

Total Files Cleaned = 1,572.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02122013_221015

Files\Folders moved on Reboot...
C:\Users\Eduardo Dell\AppData\Local\Temp\~DFA9951CFA54776D0E.TMP moved successfully.
C:\Users\Eduardo Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\7A7E08C8-3FF5-45F2-873D-A84D669DC82F.dat moved successfully.
C:\Users\Eduardo Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LUM3ILJQ\viewtopic[1].htm moved successfully.
C:\Users\Eduardo Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\WINDOWS\temp\hsperfdata_EDUARDODELL-PC$\1952 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am

Re: Web browser stop constantly, and computer started crashi

Unread postby erabasa » February 13th, 2013, 2:29 am

Systemlook log:

SystemLook 30.07.11 by jpshortstuff
Log created at 22:22 on 12/02/2013 by Eduardo Dell
Administrator - Elevation successful

========== filefind ==========

Searching for "*Fun4IM*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*Searchqu*"
No files found.

Searching for "*iLivid*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*datamngr*"
No files found.

Searching for "*trolltech*"
No files found.

Searching for "*babylon*"
C:\Windows.old\$Recycle.Bin\S-1-5-21-2768428122-3267476443-1308564694-1000\$R0GD3N8\DIR725\anyuser@babylon-x[2].txt --a---- 71 bytes [01:30 01/10/2000] [01:30 01/10/2000] 49BF3A2279B31DD7CBBC165A15AE2ADC
C:\Windows.old\$Recycle.Bin\S-1-5-21-2768428122-3267476443-1308564694-1000\$RCT9EH7\DIR1099\anyuser@babylon-x[2].txt --a---- 71 bytes [01:30 01/10/2000] [01:30 01/10/2000] B7D939EA4172843CC9946730634EC801

========== folderfind ==========

Searching for "*Fun4IM*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Searchqu*"
No folders found.

Searching for "*iLivid*"
No folders found.

Searching for "*whitesmoke*"
No folders found.

Searching for "*datamngr*"
No folders found.

Searching for "*trolltech*"
No folders found.

Searching for "*babylon*"
No folders found.

========== Regfind ==========

Searching for "Fun4IM"
No data found.

Searching for "Bandoo"
No data found.

Searching for "Searchnu"
No data found.

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"

Searching for "iLivid"
No data found.

Searching for "whitesmoke"
No data found.

Searching for "datamngr"
No data found.

Searching for "kelkoopartners"
No data found.

Searching for "trolltech"
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:]
[HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Trolltech]
[HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:]

Searching for "babylon"
No data found.

-= EOF =-
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am

Re: Web browser stop constantly, and computer started crashi

Unread postby nunped » February 13th, 2013, 10:03 am

Hi erabasa,

Step 1 - OTL fix
  • Right click OTL.exe and select "Run as Administrator" to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:commands
[createrestorepoint]

:files
C:\Windows.old\$Recycle.Bin\S-1-5-21-2768428122-3267476443-1308564694-1000\$R0GD3N8\DIR725\anyuser@babylon-x[2].txt
C:\Windows.old\$Recycle.Bin\S-1-5-21-2768428122-3267476443-1308564694-1000\$RCT9EH7\DIR1099\anyuser@babylon-x[2].txt

:Reg
[-HKEY_CURRENT_USER\Software\Trolltech]
[-HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Trolltech]

:commands
[emptytemp]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Step 2
  • Have you successfully reinstalled Chrome?
  • How is your computer behaving now?
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Web browser stop constantly, and computer started crashi

Unread postby erabasa » February 14th, 2013, 12:51 am

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Windows.old\$Recycle.Bin\S-1-5-21-2768428122-3267476443-1308564694-1000\$R0GD3N8\DIR725\anyuser@babylon-x[2].txt moved successfully.
C:\Windows.old\$Recycle.Bin\S-1-5-21-2768428122-3267476443-1308564694-1000\$RCT9EH7\DIR1099\anyuser@babylon-x[2].txt moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Trolltech\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Trolltech\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Eduardo Dell
->Temp folder emptied: 317482 bytes
->Temporary Internet Files folder emptied: 92645235 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1058 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 93966 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 964624379 bytes

Total Files Cleaned = 1,009.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02132013_204610

Files\Folders moved on Reboot...
C:\Users\Eduardo Dell\AppData\Local\Temp\~DF33C8462D89A61319.TMP moved successfully.
C:\Users\Eduardo Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\7A7E08C8-3FF5-45F2-873D-A84D669DC82F.dat moved successfully.
C:\Users\Eduardo Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z50TVTBE\viewtopic[1].htm moved successfully.
C:\Users\Eduardo Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\WINDOWS\temp\hsperfdata_EDUARDODELL-PC$\2004 not found!
C:\WINDOWS\temp\winstore.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am

Re: Web browser stop constantly, and computer started crashi

Unread postby erabasa » February 14th, 2013, 2:15 am

Yes!!!!!

I was able to work on the browser with heavy architectural pages and not a single issue. This is amazing, I had suffer thinking it was the video card, the power unit, etc, etc. and now I think we got it.

Thank you very much and really I appreciate your effort and time, please share my gratitude with any body who help.

Cheers,
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am

Re: Web browser stop constantly, and computer started crashi

Unread postby erabasa » February 15th, 2013, 1:24 am

Well it was not long lived. Tonight while trying the browsers both internet explorer and firefox crashed again. The difference this time, is that the programs get stock without being able to fully close or reopen for a while. The messages after the crash are:
We're Sorry
Firefox had a problem and crashed. We'll try to restore your tabs and windows when it restarts.
To help us diagnose and fix the problem, you can send us a crash report.

Internet Explore has stopped working
A problem caused the program to stop working correctly.

Let's try again if possible please!
erabasa
Regular Member
 
Posts: 16
Joined: December 11th, 2012, 1:19 am

Re: Web browser stop constantly, and computer started crashi

Unread postby nunped » February 15th, 2013, 2:41 pm

Hi erabasa,

Step 1 - New scan with OTL
  • Right-click OTL.exe (or OTL.com or OTL.scr) and select "Run as Administrator" to launch the program.
  • Click the Scan All Users checkbox.
    Leave the remaining selections to the default settings.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  • Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Step 2 - GMER
Please download GMER Rootkit Scanner from Here.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Note: Do not run any programs while Gmer is running.
  • Right click the .exe file and chose Run as Administrator. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All << (don't miss this one)
    See image below, Click the image to enlarge it
    Image
  • Then click the Scan button & wait for it to finish
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
  • Save it where you can easily find it, such as your desktop, and post it in your next reply
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 380 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware