Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Need help with computer.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Need help with computer.

Unread postby GeorgeGamer » February 21st, 2014, 2:48 pm

I am on a windows 7 computer and we recently just got the internet back after 2 months and it seems to be running really slow and has virus's on it. I would like help removing these virus's and anything else which is unnecessary on a computer, or may cause it to run slower, such as tool bars or gaming mods like wildtangent or pogo or stuff like that. Here is my Hijackthis

Any information you need to help me, just ask


__________________________________________________________


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:47:29 PM, on 2/21/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal

Running processes:
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\ProgramData\MovieMode\MovieMode.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Users\Nathan\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Program Files (x86)\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\PureLeads\PureLeadsTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Leigh\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT33147 ... 9819&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: CrossriderApp0049074 - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.91\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Updater By SweetPacks Helper - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: EnhanceTronic - {f530d5e8-9d18-4cba-b7cc-95944f9ebe3d} - C:\Program Files (x86)\EnhanceTronic\EnhanceTronicbho.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.91\AVG SafeGuard toolbar_toolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [PureLeads Tray] "C:\Program Files (x86)\PureLeads\PureLeadsTray.exe"
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Nathan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [SearchProtection] "C:\Users\Nathan\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.8.130\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\plsapp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\plsapp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\plsapp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\plsapp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\plsapp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Comcast AntiSpyware (AntiSpywareService) - Unknown owner - C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files (x86)\Mobogenie\MgAssist.exe
O23 - Service: Movie Mode (MovieMode) - GenTechnologies Apps, LLC - C:\ProgramData\MovieMode\MovieModeService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: plsapp - Sendori - C:\Program Files (x86)\PureLeads\plsapp.exe
O23 - Service: PlsvcV1 - PureLeads - C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe
O23 - Service: PlsvcV2 - sendori - C:\Program Files (x86)\PureLeads\PureLeads.Service.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update EnhanceTronic - Unknown owner - C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe
O23 - Service: Updater By SweetPacks - Unknown owner - C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
O23 - Service: Util EnhanceTronic - Unknown owner - C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

--
End of file - 15268 bytes
GeorgeGamer
Active Member
 
Posts: 12
Joined: February 21st, 2014, 2:39 pm
Advertisement
Register to Remove

Re: Need help with computer.

Unread postby Cypher » February 23rd, 2014, 11:52 am

Hi and welcome to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Post an uninstall list
  • Open HijackThis.
  • Click on the Open the Misc Tools section button.
  • Look under System tools.
  • Click on the Open Uninstall Manager... button.
  • Click on the Save list... button.
  • It will prompt you to save. Save this log in a convenient location. By default it's named uninstall_list.txt.
  • Notepad will open. Please post this log in your next reply.

Next.

Please download zoek.exe and save it to your desktop.
  • Close any open browsers.
  • Temporarily disable your AntiVirus program. (If necessary)
  • Right click on zoek.exe and select " Run as administrator " to run it.
  • Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
  • Click the More Options button below the large panel and check the box:

    • Auto Clean
  • Click on Run script button
  • Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
  • Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

    Note: It will also create a log in the C:\ directory named "zoek-results.log"

Next.

Please download OTL by Old Timer and save it to your Desktop.

  • Right click on OTL.exe and select " Run as administrator " to run it.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Logs/Information to Post in your Next Reply

  • Uninstall list.
  • zoek-results.log.
  • OTL.txt and Extra.txt contents.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Need help with computer.

Unread postby GeorgeGamer » February 23rd, 2014, 2:46 pm

Alright Yea I am familiar with this website, i know not to use other ones at the same time. besides i only trust this one anyways :P Anyways when i downloaded zoek and tried to open it, it never opened at all. I tried for a while but I gave up and i hope it doesnt prevent us from completing our mission. Here are the files you requested



_____________________________UNINSTALL LIST______________________________

Adobe Flash Player 10 Plugin
Adobe Flash Player 12 ActiveX
Adobe Reader X (10.1.5)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
AVG SafeGuard toolbar
Bing Bar
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite Deluxe
CyberLink DVD Suite Deluxe
D3DX10
DivX Web Player
DVD Flick 1.3.0.7
Google Chrome
Google Update Helper
HDVidCodec
Hewlett-Packard ACLM.NET v1.2.1.1
HP Advisor
HP Customer Experience Enhancements
HP Games
HP Product Detection
HP Remote Solution
HP Remote Solution
HP Setup
HP Support Assistant
HP Update
ImgBurn
Java 7 Update 51
Java(TM) 6 Update 22
Junk Mail filter update
LabelPrint
LabelPrint
LightScribe System Software
Mesh Runtime
Messenger Companion
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mobogenie
Movie Mode
MSVCRT
MSVCRT_amd64
Pando Media Booster
PC Tools Registry Mechanic 11.1
PictureMover
Power2Go
Power2Go
PowerDirector
PowerDirector
PowerISO
PureLeads
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recovery Manager
Safari
Search Protect
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
swMSM
System Requirements Lab
System Requirements Lab CYRI
System Requirements Lab Detection
The weDownload Manager
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.762
VSO ConvertXToDVD
WildTangent Games App
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
ZoneAlarm Antivirus
ZoneAlarm Firewall
ZoneAlarm Free Firewall
ZoneAlarm Security
ZoneAlarm Security Toolbar

@@@PS. Zonealarm has been acting weird, i would like to have it removed and reinstalled.@@@


_______________________________OTL Text__________________________

as mOTL logfile created on: 2/23/2014 1:10:09 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nathan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 39.84% Memory free
5.50 Gb Paging File | 3.10 Gb Available in Paging File | 56.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.79 Gb Total Space | 370.82 Gb Free Space | 81.36% Space Free | Partition Type: NTFS
Drive D: | 9.87 Gb Total Space | 1.48 Gb Free Space | 14.98% Space Free | Partition Type: NTFS
Drive E: | 4.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BRAT | User Name: Nathan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2014/02/23 13:09:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nathan\Downloads\OTL.exe
PRC - [2014/02/23 13:01:55 | 000,154,232 | ---- | M] (Noël Danjou) -- C:\Users\Nathan\AppData\Local\Temp\wget.exe
PRC - [2014/02/23 12:58:50 | 001,284,608 | ---- | M] () -- C:\Users\Nathan\Desktop\zoek.exe
PRC - [2014/02/20 21:58:46 | 002,552,856 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2014/02/19 21:55:55 | 001,772,056 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
PRC - [2014/02/19 21:55:55 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
PRC - [2014/02/19 20:03:06 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/02/19 13:43:10 | 000,080,680 | ---- | M] () -- C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe
PRC - [2014/02/19 13:31:44 | 000,391,680 | ---- | M] (weDownload) -- C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-updater.exe
PRC - [2014/02/19 13:31:38 | 000,411,136 | ---- | M] (weDownload) -- C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe
PRC - [2014/02/19 13:31:24 | 000,947,200 | ---- | M] (weDownload) -- C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-firefoxinstaller.exe
PRC - [2014/02/19 13:10:02 | 000,080,680 | ---- | M] () -- C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe
PRC - [2014/02/19 12:13:01 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2014/02/19 12:11:30 | 000,775,872 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
PRC - [2014/02/19 12:11:30 | 000,063,168 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\MgAssist.exe
PRC - [2014/02/12 07:52:12 | 004,539,168 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2014/02/12 07:52:12 | 002,981,664 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
PRC - [2014/02/12 07:52:12 | 002,362,656 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2014/02/10 18:33:12 | 000,055,440 | ---- | M] (GenTechnologies Apps, LLC) -- C:\ProgramData\MovieMode\MovieModeService.exe
PRC - [2014/02/10 18:32:54 | 000,151,184 | ---- | M] (GenTechnologies Apps, LLC) -- C:\ProgramData\MovieMode\MovieMode.exe
PRC - [2014/02/05 03:34:16 | 000,840,552 | ---- | M] (Spigot, Inc.) -- C:\Users\Nathan\AppData\Roaming\Search Protection\SearchProtection.exe
PRC - [2014/01/29 20:55:08 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2014/01/23 18:12:52 | 000,091,936 | ---- | M] (PureLeads) -- C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe
PRC - [2014/01/23 18:12:52 | 000,083,232 | ---- | M] (PureLeads) -- C:\Program Files (x86)\PureLeads\PureLeadsTray.exe
PRC - [2014/01/23 18:12:50 | 003,690,784 | ---- | M] (Sendori) -- C:\Program Files (x86)\PureLeads\plsapp.exe
PRC - [2014/01/23 18:12:50 | 000,024,352 | ---- | M] (sendori) -- C:\Program Files (x86)\PureLeads\PureLeads.Service.exe
PRC - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/02/28 12:37:14 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2013/01/27 08:36:02 | 000,337,432 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/08/21 13:43:58 | 000,794,272 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/08/21 13:43:58 | 000,105,120 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/11/20 07:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/23 12:58:50 | 001,284,608 | ---- | M] () -- C:\Users\Nathan\Desktop\zoek.exe
MOD - [2014/02/20 21:58:46 | 002,552,856 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
MOD - [2014/02/20 16:01:51 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014/02/20 15:52:41 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll
MOD - [2014/02/20 15:52:30 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll
MOD - [2014/02/20 15:52:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014/02/20 15:51:45 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\fe1942c05eda4f9744f80afb4ae76a2d\System.Data.ni.dll
MOD - [2014/02/20 15:51:07 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll
MOD - [2014/02/20 15:50:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/20 15:50:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/20 15:50:36 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f9bb7cc29930815b098e26853962c1de\UIAutomationTypes.ni.dll
MOD - [2014/02/20 15:50:35 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll
MOD - [2014/02/20 15:50:21 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/02/20 15:50:04 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/20 15:49:56 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/20 15:49:54 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/20 15:49:45 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/19 21:55:55 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
MOD - [2014/02/19 20:03:05 | 000,394,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppgooglenaclpluginchrome.dll
MOD - [2014/02/19 20:03:04 | 013,632,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
MOD - [2014/02/19 20:03:03 | 004,060,488 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
MOD - [2014/02/19 20:02:59 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
MOD - [2014/02/19 20:02:58 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
MOD - [2014/02/19 20:02:56 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
MOD - [2014/02/19 20:02:54 | 000,051,016 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
MOD - [2014/02/19 12:11:30 | 000,775,872 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MOD - [2014/02/19 12:11:30 | 000,471,040 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DCR.dll
MOD - [2014/02/19 12:11:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\Device.dll
MOD - [2014/02/10 18:32:54 | 001,152,656 | ---- | M] () -- C:\Windows\SysWOW64\MovieMode.48CA2AEFA22D.dll
MOD - [2013/03/23 15:49:16 | 000,037,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/11/04 20:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/09/29 18:25:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/09/29 18:25:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/09/29 18:25:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/09/29 18:25:38 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/09/29 18:25:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/09/29 18:25:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/09/29 18:25:28 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/09/29 18:25:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/09/06 12:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/28 12:37:14 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/03/27 13:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2014/02/20 15:56:39 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/19 21:55:55 | 001,772,056 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2014/02/19 13:43:10 | 000,080,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe -- (Update EnhanceTronic)
SRV - [2014/02/19 13:10:02 | 000,080,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe -- (Util EnhanceTronic)
SRV - [2014/02/19 12:11:30 | 000,063,168 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobogenie\MgAssist.exe -- (MgAssistService)
SRV - [2014/02/12 07:52:12 | 002,362,656 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/02/10 18:33:12 | 000,055,440 | ---- | M] (GenTechnologies Apps, LLC) [Auto | Running] -- C:\ProgramData\MovieMode\MovieModeService.exe -- (MovieMode)
SRV - [2014/01/29 20:55:08 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stop_Pending] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2014/01/27 20:15:18 | 000,227,904 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2014/01/23 18:12:52 | 000,091,936 | ---- | M] (PureLeads) [Auto | Running] -- C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe -- (PlsvcV1)
SRV - [2014/01/23 18:12:50 | 003,690,784 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files (x86)\PureLeads\plsapp.exe -- (plsapp)
SRV - [2014/01/23 18:12:50 | 000,024,352 | ---- | M] (sendori) [Auto | Start_Pending] -- C:\Program Files (x86)\PureLeads\PureLeads.Service.exe -- (PlsvcV2)
SRV - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/21 13:43:58 | 000,794,272 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/02/19 21:55:55 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/10/23 11:00:56 | 000,454,168 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2013/10/09 01:31:54 | 000,489,568 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/07/17 02:02:04 | 007,717,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2013/01/27 08:35:46 | 000,127,384 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/08/13 06:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/30 12:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {96E44610-527E-4900-8145-49370B34A28F}
IE:64bit: - HKLM\..\SearchScopes\{96E44610-527E-4900-8145-49370B34A28F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9C91DE74-9191-4202-862D-807C47706800}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{96E44610-527E-4900-8145-49370B34A28F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9C91DE74-9191-4202-862D-807C47706800}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2418376
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={3F634DF0-A702-11E2-8FD4-002354F99EB2}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT33147 ... 9819&SSPV=
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/Results.aspx? ... 7739819&q={searchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{76798B12-AE0C-4108-8737-A53950CC1A1E}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =586383&p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={79ED0A06-BA30-42D6-9279-4E558876B58B}&mid=3cf163f016a747d18c17d16a121d7741-347812de67ab6b9107a97ea1038e113b0051b0a4&lang=en&ds=oc011&coid=avgtbdisoc&cmpid=&pr=sa&d=2014-02-19 21:57:09&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX [2013/04/16 20:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\2.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/04/16 20:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/02/19 12:13:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91 [2014/02/19 21:57:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/02/19 12:13:38 | 000,000,000 | ---D | M]

[2013/04/16 20:58:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem\5.2.2_0\
CHR - Extension: No name found = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: No name found = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek\1.0_2\
CHR - Extension: No name found = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli\2.1_0\
CHR - Extension: No name found = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: No name found = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (The weDownload Manager) - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll (weDownload)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (The weDownload Manager) - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll (weDownload)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.91\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (EnhanceTronic) - {f530d5e8-9d18-4cba-b7cc-95944f9ebe3d} - C:\Program Files (x86)\EnhanceTronic\EnhanceTronicBHO.dll (EnhanceTronic)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.91\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
O4 - HKLM..\Run: [PureLeads Tray] C:\Program Files (x86)\PureLeads\PureLeadsTray.exe (PureLeads)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [NextLive] C:\Users\Nathan\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKCU..\Run: [SearchProtection] C:\Users\Nathan\AppData\Roaming\Search Protection\SearchProtection.EXE (Spigot, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4091BD3D-4A59-48F8-8FA7-C0E933889BDD}: DhcpNameServer = 75.75.76.76 75.75.75.75
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Conduit)
O20 - AppInit_DLLs: (c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll) - c:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/23 13:02:12 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/02/22 12:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/02/22 12:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/02/21 20:51:05 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\HP Support Assistant
[2014/02/21 20:50:08 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\HpUpdate
[2014/02/20 06:07:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/02/20 04:30:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/20 04:29:16 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Apple Computer
[2014/02/20 01:37:01 | 000,000,000 | ---D | C] -- C:\Users\Nathan\Documents\dvd
[2014/02/20 01:28:09 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\DVD Flick
[2014/02/20 01:28:06 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\ImgBurn
[2014/02/19 21:57:51 | 000,439,296 | ---- | C] (Sendori) -- C:\Windows\SysNative\plsapp64.dll
[2014/02/19 21:57:49 | 000,354,592 | ---- | C] (Sendori) -- C:\Windows\SysWow64\plsapp.dll
[2014/02/19 21:57:49 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\AVG SafeGuard toolbar
[2014/02/19 21:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\PureLeads
[2014/02/19 21:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PureLeads
[2014/02/19 21:57:06 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/02/19 21:56:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2014/02/19 21:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2014/02/19 21:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2014/02/19 21:55:12 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\OpenCandy
[2014/02/19 21:55:08 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2014/02/19 21:55:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2014/02/19 21:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
[2014/02/19 21:39:29 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\ssubtmr6.dll
[2014/02/19 21:39:29 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\Windows\SysWow64\trayicon_handler.ocx
[2014/02/19 21:39:29 | 000,028,672 | ---- | C] (-) -- C:\Windows\SysWow64\mousewheel.ocx
[2014/02/19 21:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Flick
[2014/02/19 21:11:30 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Nathan\AppData\Roaming\pcouffin.sys
[2014/02/19 21:11:30 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Vso
[2014/02/19 21:11:30 | 000,000,000 | ---D | C] -- C:\Users\Nathan\Documents\PcSetup
[2014/02/19 21:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\VSO
[2014/02/19 21:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSO
[2014/02/19 15:44:07 | 007,717,984 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2014/02/19 15:44:02 | 000,489,568 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014/02/19 15:44:02 | 000,090,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014/02/19 15:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2014/02/19 15:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD
[2014/02/19 15:37:48 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Check Point Software Technologies LTD
[2014/02/19 15:37:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2014/02/19 15:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2014/02/19 13:34:34 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Search Protection
[2014/02/19 13:33:45 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\BitTorrent
[2014/02/19 13:32:24 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/02/19 13:31:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The weDownload Manager
[2014/02/19 13:31:20 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\SearchProtect
[2014/02/19 13:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/02/19 12:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/02/19 12:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/02/19 12:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/02/19 12:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/02/19 12:14:11 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\RealNetworks
[2014/02/19 12:14:04 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Real
[2014/02/19 12:13:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2014/02/19 12:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014/02/19 12:13:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2014/02/19 12:13:04 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/02/19 12:12:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2014/02/19 12:12:37 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Real
[2014/02/19 12:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/19 12:11:54 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Google
[2014/02/19 12:11:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/02/19 12:11:10 | 000,000,000 | ---D | C] -- C:\Users\Nathan\.android
[2014/02/19 12:11:09 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\cache
[2014/02/19 12:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2014/02/19 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\newnext.me
[2014/02/19 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\genienext
[2014/02/19 12:11:05 | 000,000,000 | ---D | C] -- C:\Users\Nathan\Documents\Mobogenie
[2014/02/19 12:11:05 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Mobogenie
[2014/02/19 12:11:01 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[2014/02/19 12:10:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[2014/02/19 12:10:47 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\MovieMode
[2014/02/19 12:10:40 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Programs
[2014/02/19 12:10:07 | 000,000,000 | ---D | C] -- C:\ProgramData\MovieMode
[2014/02/19 12:09:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EnhanceTronic
[2014/02/19 11:29:47 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Apple
[2014/02/19 11:23:12 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Macromedia
[2014/02/17 20:37:40 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\ElevatedDiagnostics
[2014/02/17 20:33:56 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\iWin
[2014/02/17 20:01:32 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Adobe
[2014/02/17 20:00:53 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\WildTangent
[2014/02/17 19:22:32 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\.minecraft
[2014/02/17 19:22:02 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Hewlett-Packard
[2014/02/17 19:22:01 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Hewlett-Packard
[2014/02/17 19:21:59 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Zemana
[2014/02/17 19:21:59 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\ID Vault
[2014/02/17 19:21:59 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Apple Computer
[2014/02/17 19:21:51 | 000,000,000 | R--D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/02/17 19:21:51 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Searches
[2014/02/17 19:21:51 | 000,000,000 | R--D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/02/17 19:21:51 | 000,000,000 | -H-D | C] -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/02/17 19:21:49 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\dll-files.com
[2014/02/17 19:21:42 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Identities
[2014/02/17 19:21:40 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Contacts
[2014/02/17 19:21:35 | 000,000,000 | --SD | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Videos
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Saved Games
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Pictures
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Music
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Links
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Favorites
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Downloads
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Documents
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Desktop
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\AppData\Local\Temporary Internet Files
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Templates
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Start Menu
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\SendTo
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Recent
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\PrintHood
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\NetHood
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Documents\My Videos
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Documents\My Pictures
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Documents\My Music
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\My Documents
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Local Settings
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\AppData\Local\History
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Cookies
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Application Data
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\AppData\Local\Application Data
[2014/02/17 19:21:35 | 000,000,000 | -H-D | C] -- C:\Users\Nathan\AppData
[2014/02/17 19:21:35 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Temp
[2014/02/17 19:21:35 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Microsoft
[2014/02/17 19:21:35 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2014/02/23 13:07:17 | 001,414,034 | ---- | M] () -- C:\Users\Nathan\Desktop\zoek.scr
[2014/02/23 13:07:13 | 001,414,034 | ---- | M] () -- C:\Users\Nathan\Desktop\zoek.com
[2014/02/23 12:58:50 | 001,284,608 | ---- | M] () -- C:\Users\Nathan\Desktop\zoek.exe
[2014/02/23 12:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/23 12:53:16 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/23 12:53:16 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2014/02/23 12:53:12 | 000,001,550 | ---- | M] () -- C:\Windows\tasks\The weDownload Manager-codedownloader.job
[2014/02/23 12:53:10 | 000,002,544 | ---- | M] () -- C:\Windows\tasks\The weDownload Manager-firefoxinstaller.job
[2014/02/23 12:53:10 | 000,001,594 | ---- | M] () -- C:\Windows\tasks\The weDownload Manager-updater.job
[2014/02/23 12:53:10 | 000,001,448 | ---- | M] () -- C:\Windows\tasks\The weDownload Manager-enabler.job
[2014/02/23 12:27:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/23 10:19:55 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/23 10:19:55 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/23 10:12:58 | 000,140,300 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2014/02/23 10:07:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/23 10:07:04 | 2214,043,648 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/22 12:27:26 | 000,001,937 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/02/21 20:45:19 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2014/02/21 13:09:35 | 000,002,149 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/21 03:24:54 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/21 03:24:54 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/21 03:24:54 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/20 15:35:04 | 000,330,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/02/20 05:05:28 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/02/20 05:05:28 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/02/19 21:55:55 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/02/19 21:55:08 | 000,001,831 | ---- | M] () -- C:\Users\Nathan\Desktop\ImgBurn.lnk
[2014/02/19 21:39:32 | 000,001,880 | ---- | M] () -- C:\Users\Nathan\Desktop\DVD Flick.lnk
[2014/02/19 21:11:30 | 000,099,384 | ---- | M] () -- C:\Users\Nathan\AppData\Roaming\inst.exe
[2014/02/19 21:11:30 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Nathan\AppData\Roaming\pcouffin.sys
[2014/02/19 21:11:30 | 000,007,859 | ---- | M] () -- C:\Users\Nathan\AppData\Roaming\pcouffin.cat
[2014/02/19 21:11:30 | 000,001,167 | ---- | M] () -- C:\Users\Nathan\AppData\Roaming\pcouffin.inf
[2014/02/19 21:11:27 | 000,001,186 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXToDVD 5.lnk
[2014/02/19 16:24:06 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2014/02/19 16:15:10 | 000,002,245 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/19 15:39:37 | 000,417,513 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2014/02/19 15:38:54 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2014/02/19 13:34:30 | 000,000,876 | ---- | M] () -- C:\Users\Nathan\Desktop\BitTorrent.lnk
[2014/02/19 13:34:30 | 000,000,856 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2014/02/19 13:32:02 | 000,002,430 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
[2014/02/19 13:31:15 | 000,002,660 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - wildgames.lnk
[2014/02/19 12:25:20 | 000,000,032 | ---- | M] () -- C:\Users\Nathan\jagex_cl_runescape_LIVE.dat
[2014/02/19 12:13:42 | 000,001,230 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/02/19 12:13:04 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/02/19 12:11:01 | 000,000,985 | ---- | M] () -- C:\Users\Nathan\Desktop\Mobogenie.lnk
[2014/02/19 11:17:42 | 000,001,403 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/17 18:33:07 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLeigh.job
[2014/02/17 18:32:33 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2014/02/10 18:32:54 | 001,152,656 | ---- | M] () -- C:\Windows\SysWow64\MovieMode.48CA2AEFA22D.dll

========== Files Created - No Company Name ==========

[2014/02/23 12:58:33 | 001,284,608 | ---- | C] () -- C:\Users\Nathan\Desktop\zoek.exe
[2014/02/23 10:12:58 | 000,140,300 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2014/02/20 05:05:28 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/02/20 05:05:28 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/02/19 21:55:08 | 000,001,861 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2014/02/19 21:55:08 | 000,001,831 | ---- | C] () -- C:\Users\Nathan\Desktop\ImgBurn.lnk
[2014/02/19 21:39:32 | 000,001,880 | ---- | C] () -- C:\Users\Nathan\Desktop\DVD Flick.lnk
[2014/02/19 21:11:30 | 000,099,384 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\inst.exe
[2014/02/19 21:11:30 | 000,007,859 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\pcouffin.cat
[2014/02/19 21:11:30 | 000,001,167 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\pcouffin.inf
[2014/02/19 21:11:27 | 000,001,186 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXToDVD 5.lnk
[2014/02/19 15:39:10 | 000,417,513 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2014/02/19 15:38:54 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2014/02/19 13:34:30 | 000,000,876 | ---- | C] () -- C:\Users\Nathan\Desktop\BitTorrent.lnk
[2014/02/19 13:34:30 | 000,000,856 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2014/02/19 13:32:01 | 000,002,430 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
[2014/02/19 13:31:44 | 000,001,594 | ---- | C] () -- C:\Windows\tasks\The weDownload Manager-updater.job
[2014/02/19 13:31:38 | 000,001,448 | ---- | C] () -- C:\Windows\tasks\The weDownload Manager-enabler.job
[2014/02/19 13:31:34 | 000,001,550 | ---- | C] () -- C:\Windows\tasks\The weDownload Manager-codedownloader.job
[2014/02/19 13:31:24 | 000,002,544 | ---- | C] () -- C:\Windows\tasks\The weDownload Manager-firefoxinstaller.job
[2014/02/19 13:31:14 | 000,002,660 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - wildgames.lnk
[2014/02/19 12:25:20 | 000,000,032 | ---- | C] () -- C:\Users\Nathan\jagex_cl_runescape_LIVE.dat
[2014/02/19 12:24:41 | 000,001,937 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/02/19 12:13:42 | 000,001,230 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/02/19 12:12:33 | 000,002,245 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/19 12:12:33 | 000,002,149 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/19 12:12:02 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/19 12:12:00 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/19 12:11:01 | 000,000,985 | ---- | C] () -- C:\Users\Nathan\Desktop\Mobogenie.lnk
[2014/02/19 11:17:42 | 000,001,403 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/17 19:21:52 | 000,001,419 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/02/17 19:21:35 | 000,000,290 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/02/17 19:21:35 | 000,000,272 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/02/17 18:32:33 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2014/02/17 08:23:48 | 001,414,034 | ---- | C] () -- C:\Users\Nathan\Desktop\zoek.scr
[2014/02/17 08:23:48 | 001,414,034 | ---- | C] () -- C:\Users\Nathan\Desktop\zoek.com
[2014/02/10 18:32:54 | 001,152,656 | ---- | C] () -- C:\Windows\SysWow64\MovieMode.48CA2AEFA22D.dll
[2013/09/02 01:32:19 | 000,000,023 | ---- | C] () -- C:\Windows\kodakpcd.ini
[2010/10/08 17:56:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/02/17 19:22:35 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\.minecraft
[2014/02/19 22:34:07 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\BitTorrent
[2014/02/19 15:37:48 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\Check Point Software Technologies LTD
[2014/02/17 19:21:49 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\dll-files.com
[2014/02/17 19:21:59 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\ID Vault
[2014/02/20 01:28:06 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\ImgBurn
[2014/02/17 20:33:56 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\iWin
[2014/02/23 12:58:53 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\newnext.me
[2014/02/19 21:55:12 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\OpenCandy
[2014/02/19 13:34:34 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\Search Protection
[2014/02/19 21:11:30 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\Vso
[2014/02/19 13:31:24 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\WildTangent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >


_________Not enough room, extra is continued in next post____________
GeorgeGamer
Active Member
 
Posts: 12
Joined: February 21st, 2014, 2:39 pm

Re: Need help with computer.

Unread postby GeorgeGamer » February 23rd, 2014, 2:48 pm

extras



OTL Extras logfile created on: 2/23/2014 1:10:09 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nathan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 39.84% Memory free
5.50 Gb Paging File | 3.10 Gb Available in Paging File | 56.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.79 Gb Total Space | 370.82 Gb Free Space | 81.36% Space Free | Partition Type: NTFS
Drive D: | 9.87 Gb Total Space | 1.48 Gb Free Space | 14.98% Space Free | Partition Type: NTFS
Drive E: | 4.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BRAT | User Name: Nathan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{048A412C-1346-42C7-B71E-F690FC205C58}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{069CD325-70E3-43D7-AFCF-6E4C950CCEC8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{0A5B790B-AC38-4B65-9157-0C23AB72278A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B6C31DC-7383-44D3-8662-82CDE9777012}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{0CB30F73-3BE5-47CB-B033-26C47767642A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{12CE80CB-D771-48A8-A2E3-B55BC069E0C9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1642A3A8-E039-490A-B4F0-86E5284EC61B}" = lport=139 | protocol=6 | dir=in | app=system |
"{1F23C980-9D0C-473B-8D1F-045D57BF892D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1FB3957B-8271-4929-B5F3-7669CD2B88E1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{22239A55-BF7B-433C-904F-9C0765130597}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2EAC46D3-6871-4BA6-B440-502C85E1780E}" = rport=138 | protocol=17 | dir=out | app=system |
"{3AD5822A-8624-4B96-9EB9-CCBE851ED23D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3B80A8A7-C246-4A21-802A-AD13417D10C4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3B819403-8ABF-49CF-9729-739814CAB1FE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3BF80B5F-F76E-49C1-84BB-BE24922C88D3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{429FD445-029B-433B-B8D4-AE8D43AFA7EA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{42D0049E-659E-4094-AC09-69FBB7011C6F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{42E577AB-2956-4853-B619-69620E2E55D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{463BCDE2-6469-48ED-A8FD-304DECAB0C67}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{48F15233-EE38-4B3E-AE52-254B1454A004}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{49C0C394-E092-40DD-A761-D2529BDC4908}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4BEF7308-1975-45D4-B5D2-5242340BD53B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5243C1D5-47EE-418F-B3DC-430D59FD69FD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{578F9AE7-FEC8-45AE-A08E-BCC6797FF387}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5C37E37D-6670-4CA9-AAEE-CF242ABA398A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5D1972E7-4097-48D8-8B17-6678BCED3015}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5EC0D506-6912-40D3-9ECD-B36F1E4C9D24}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5F77287F-860A-4B3F-AA94-320FF89FEA9A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{62092788-88D6-4D01-BD68-2B3154861A1A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{690BA100-3574-49AA-86DB-278E90E317D9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6D918623-6113-4C90-85D9-F491960A737C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{770B8BB7-D63D-4371-94EC-95A1EB8C4B83}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{788CAA92-8C35-476F-8E63-1C511B9D010C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{78DF561A-C98A-4CEE-99B6-32C56347C5A5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7A8C2BB4-D867-44EF-A412-DDAC80248631}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7B8A9510-B269-4343-9F7B-37CA839D0B93}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7C252824-6228-431C-B88E-5E95A8DBC5DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7DE15050-F26B-4A2B-BA7E-0C011A063F46}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7FAE5C79-137C-48EF-9A6E-18F7203B3684}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{850E68E4-3451-4F86-AC05-AA68FF987396}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85C9256A-C981-459A-8A66-6A4A28ED97AC}" = lport=138 | protocol=17 | dir=in | app=system |
"{88E88CF4-99C8-4666-A53F-E8A467A02148}" = lport=10243 | protocol=6 | dir=in | app=system |
"{895ED2BF-D2B7-483D-950A-751940AE09F4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8A9237D2-0DF1-44AE-9153-432E3F608D16}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{90C9005B-06CD-436D-8C1E-155DAB4A3B16}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9A181F92-60DF-47BF-908C-3FEA9123C369}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9AACE435-F12B-42A4-AFEB-A3C4B67B174F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{9B9F3770-158F-48CD-B496-B18669953FB4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{9BE2C9E4-1BD5-4B15-8705-451130ABA299}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{A4E41AA1-9950-41AA-8E78-A6814A30BB6F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{ACD93CEA-9702-4E97-A7CE-C485FAB80CCC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AEE28A2E-B598-46BD-AE89-6E6C4BCE2BD5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B2496D38-DEEC-41AF-B216-00E4B0E82625}" = rport=445 | protocol=6 | dir=out | app=system |
"{B7FE5DE6-2A05-45D9-A81D-DB8655BB21A4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B8C39C45-E5F3-4653-B910-BA44F60A4CFE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BC8A9F91-0C77-4368-AF72-7A1875E38AD5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BD835839-95D7-47EE-A703-6EED928C93C8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{C987FA06-CC09-4596-B7D4-BB02CBC4D059}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CA7A0018-0111-4DA3-93B9-E13EBAB6848E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CDCFD86A-70C9-4C78-AEB4-9A2FF9EB97AE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CEE15B1C-690B-431F-987E-891A3CFF29BC}" = rport=139 | protocol=6 | dir=out | app=system |
"{D645E057-3888-492F-BECD-A34898B88A8F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{D91BDD9C-0E2C-4A17-B004-61A03016483E}" = lport=137 | protocol=17 | dir=in | app=system |
"{DC9C902A-A279-4A90-B5E9-E7493E2F828C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E32677E9-DDA5-49CE-82E9-AB5DE07BEF84}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E4492416-F5DD-4C2D-BEFD-C16336DC8756}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E5B73E93-79EF-4501-A631-612A9EF8A8C9}" = rport=137 | protocol=17 | dir=out | app=system |
"{E7466FED-90CD-4BCE-9860-7F3F9C53092C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E93C1577-0DAB-4A50-8854-C5676F2F5602}" = rport=10243 | protocol=6 | dir=out | app=system |
"{ECE6F388-9481-4454-8CB7-668EDD3218D3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F2FFD93B-89EA-4B3F-96C4-3364BB55F3DC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F625BBE3-A110-49DE-8145-5219F17A0B74}" = lport=445 | protocol=6 | dir=in | app=system |
"{F8207F55-7DAD-45FC-B7B9-B6BC73021FDB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0941E54A-765F-4D1F-A0F7-8C590B6DB6DD}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{1DFE154D-FEE9-47B6-A242-3B013F0437C4}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{22020135-4207-4A91-A8E6-080EEC22EA45}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2944E753-3962-414F-AAA1-467F9643787B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{2E03DDF3-70BC-484A-B64F-3E9DCE74F686}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2F56123B-59A6-4D01-B27E-EC08442F64E9}" = protocol=6 | dir=in | app=c:\users\leigh\appdata\roaming\spotify\spotify.exe |
"{30EE49B1-240D-4ECC-8D75-6AFA9AE5DB1E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3492FBD9-82CA-4B90-AF14-66274D28A76A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{35976CBF-BE15-4442-90DB-7853F4CE04D6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3EC40D51-5058-45D6-B210-75F542B3364D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{53EB68DE-6C8C-4DF4-8655-8529D2D0FE11}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{572A8E9D-70E0-401E-9AC5-78C5A9EAD160}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{57656479-3D52-4575-8EC9-A682AEFE7804}" = protocol=17 | dir=in | app=c:\users\nathan\appdata\roaming\bittorrent\bittorrent.exe |
"{579A3248-DD4F-4362-9C38-D6567424C5FF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{5D52CCC2-6E44-40C8-B9CD-4F45CF10741F}" = protocol=6 | dir=in | app=c:\users\leigh\appdata\roaming\spotify\spotify.exe |
"{60DBEA1E-B739-443A-87BE-38D683752518}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{61D3D47B-727E-4363-8A08-5B19CB575775}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6D4FA8E4-9CE0-47BC-9D92-236A4AC74237}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6E5DD78E-233C-470B-BEC1-81885EA10438}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{716828C0-B61B-4B04-93BB-EFCB81072B8A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{721933DE-AF01-492B-9146-6884CA06DC12}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{82DC5ADA-5019-464E-9224-9996CE75CD01}" = protocol=6 | dir=out | app=system |
"{84359E82-82FF-4568-A7E5-6617F22250E1}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{A3D7C6F4-4975-419B-BE62-BC7DD76C92E9}" = protocol=17 | dir=in | app=c:\users\leigh\appdata\roaming\spotify\spotify.exe |
"{A709C2A9-BE30-41C3-A07E-E51643D0AD8D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A72818A2-916C-42C9-AAA1-A78830BEBE78}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B1C41E8B-FA9C-45BF-BDEF-C6EE5CF61018}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B4157798-AEE7-4B12-8DE0-4EADBD0D657C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B65B38E9-D968-4AB8-BB24-221E4D1C229D}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{B85C1CBE-3BD7-41B3-A8D6-53EF3D7743F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BD084E6F-3C36-4EFA-94C3-3F4C13144CE3}" = protocol=17 | dir=in | app=c:\users\leigh\appdata\roaming\spotify\spotify.exe |
"{BEBB09D2-999C-41E1-95BB-C610E56B2C39}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C824BE97-AD6E-44E0-A4B6-879EFB78B24F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D3EE30F0-40D7-4835-AADD-E73A392647AC}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D838E06D-3AA6-4126-8C73-6A927089801F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D8737664-9DAA-459F-AD8B-3D8C05A3A961}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D96C80E2-15BE-4009-A154-4533B86954CC}" = protocol=6 | dir=in | app=c:\users\nathan\appdata\roaming\bittorrent\bittorrent.exe |
"{DC4964A3-F92E-4605-BC0C-C9FEFF7AD89E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DE88CA55-E77A-4335-9CA0-20F20B0F8C41}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E1951B8B-FBC1-4540-929E-8E70C9D88B79}" = protocol=58 | dir=in | app=system |
"{E639FBFD-2D81-471A-9830-9CA742B91304}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{ECE3A879-EEDB-42C8-995F-C8D6F2B9737F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{EDE06014-F6B6-4396-A981-FFD097FA64CE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{EFBE544F-50E0-46C8-BC4F-723C4F7C3ADA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F393D21E-65B2-4F23-83A2-3F2A6CE2EBB5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F57C5353-99F6-4FD4-9704-A8B6624A7D21}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{124C9C4B-E2BE-4665-AA1A-5F7E50C54B71}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{D476C0D2-91A5-4E85-B271-6783DEE893A6}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{1777AE74-AA9C-4153-BBD8-EF70C467582C}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{3D75185B-CB89-47D1-881A-A29C7B046FFD}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1" = Updater By SweetPacks 2.0.0.566
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"EnhanceTronic" = EnhanceTronic
"LSI Soft Modem" = LSI PCI-SV92EX Soft Modem
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1152429F-E6F3-472B-8556-DD6DB666A31B}" = ZoneAlarm Security
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 51
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BE22EEE-C8CD-4B16-B17E-E036C00B473B}" = ZoneAlarm Firewall
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92F39985-0DA5-4CC4-869F-2A3048C182E6}" = System Requirements Lab
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1" = VSO ConvertXToDVD
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9EDC330-8D87-48EE-92E0-871B9AAFA7F0}" = ZoneAlarm Antivirus
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"1ClickDownload" = HDVidCodec
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"DVD Flick_is1" = DVD Flick 1.3.0.7
"Google Chrome" = Google Chrome
"HP Remote Solution" = HP Remote Solution
"ImgBurn" = ImgBurn
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Mobogenie" = Mobogenie
"MovieMode" = Movie Mode
"PowerISO" = PowerISO
"PureLeads" = PureLeads
"RealPlayer 16.0" = RealPlayer
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.1
"SearchProtect" = Search Protect
"The weDownload Manager" = The weDownload Manager
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"zonealarm" = ZoneAlarm Security Toolbar
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"Search Protection" = Search Protection

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/5/2012 7:26:38 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/5/2012 7:26:38 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4431

Error - 11/5/2012 7:26:38 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4431

Error - 11/5/2012 7:26:39 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/5/2012 7:26:39 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5445

Error - 11/5/2012 7:26:39 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5445

Error - 11/5/2012 7:26:40 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/5/2012 7:26:40 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6490

Error - 11/5/2012 7:26:40 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6490

Error - 11/5/2012 7:26:41 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/5/2012 7:26:41 PM | Computer Name = brat | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7488

[ Hewlett-Packard Events ]
Error - 1/16/2013 1:06:20 AM | Computer Name = brat | Source = HPSF.exe | ID = 4000
Description =

Error - 1/16/2013 1:07:21 AM | Computer Name = brat | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088hpsa_service.exe at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 2815 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()

Error - 1/20/2013 1:54:40 PM | Computer Name = brat | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 2815 Ram Utilization: TargetSite: Void UpdateAndDetect()

Error - 1/27/2013 9:25:07 PM | Computer Name = brat | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088hpsa_service.exe at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 2815 Ram Utilization: 30 TargetSite: Void UpdateAndDetect()

Error - 2/2/2013 2:32:26 PM | Computer Name = brat | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088hpsa_service.exe at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 2815 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 3/9/2013 1:50:46 PM | Computer Name = brat | Source = HPSF.exe | ID = 4000
Description =

Error - 3/9/2013 1:51:26 PM | Computer Name = brat | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 2815 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 3/14/2013 1:41:43 PM | Computer Name = brat | Source = HPSF.exe | ID = 4000
Description =

Error - 3/14/2013 1:52:38 PM | Computer Name = brat | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088hpsa_service.exe at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 2815 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 3/16/2013 12:29:45 PM | Computer Name = brat | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088hpsa_service.exe at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 2815 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

[ System Events ]
Error - 2/23/2014 9:09:39 AM | Computer Name = brat | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ehRecvr service.

Error - 2/23/2014 9:40:33 AM | Computer Name = brat | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ehRecvr service.

Error - 2/23/2014 9:41:03 AM | Computer Name = brat | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ehRecvr service.

Error - 2/23/2014 11:02:13 AM | Computer Name = brat | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 2/23/2014 11:02:43 AM | Computer Name = brat | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 2/23/2014 11:05:35 AM | Computer Name = brat | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 2/23/2014 11:06:05 AM | Computer Name = brat | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 2/23/2014 11:07:10 AM | Computer Name = brat | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:06:02 AM on ?2/?23/?2014 was unexpected.

Error - 2/23/2014 11:09:07 AM | Computer Name = brat | Source = Service Control Manager | ID = 7022
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service hung
on starting.

Error - 2/23/2014 11:13:47 AM | Computer Name = brat | Source = Service Control Manager | ID = 7022
Description = The PlsvcV2 service hung on starting.


< End of report >
GeorgeGamer
Active Member
 
Posts: 12
Joined: February 21st, 2014, 2:39 pm

Re: Need help with computer.

Unread postby Cypher » February 24th, 2014, 10:41 am

Hi,
when i downloaded zoek and tried to open it, it never opened at all. I tried for a while but I gave up

How long did you wait? it could taken a minute or so to open.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Next.

I see you have a "Registry Cleaner" installed.
PC Tools Registry Mechanic 11.1

All programs of this type are a complete and utter waste of time, and usually cause more problems than they ever resolve. The Registry in Windows is remarkably tolerant of "orphans" and will happily run with thousands of them without any measurable drop in performance. However, remove just one wrong Registry entry, and you can easily end up with problems, upto and including an unbootable machine. "Auto fixing" programs do not have a good record for not making errors.

The gain vs risk equation is not a good one, and I strongly recommend you uninstall this program.

Click Start > Control Panel > Uninstall a program.
Uninstall the following if present.
Adobe Reader X (10.1.5)
AVG SafeGuard toolbar
Java(TM) 6 Update 22
PC Tools Registry Mechanic 11.1
Search Protect
ZoneAlarm Security Toolbar


Next.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Right click on adwcleaner.exe and select " Run as administrator " to run it.
  • Click on Scan.
  • When the scan has finished, uncheck any entries you don't want to remove, then click on Clean.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next.

Post a new OTL log.

  • Right click on OTL.exe And select Run as administrator to run it.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When done, one Notepad file will open.
    • OTL.txt <-- Will be opened
  • Please post the contents of this Notepad file in your next reply.

Logs/Information to Post in your Next Reply

  • AdwCleaner log.
  • New OTL log.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Need help with computer.

Unread postby GeorgeGamer » February 24th, 2014, 12:55 pm

Hello cypher. I waiting at least 10 minutes at one point for zoek. I have no idea what is wrong with this computer. Before we continue, because nothing is working, I was wondering if may be some of the settings on my computer may be off, such as the uac settings or something which might be why i cant run as administrator. I downloaded the tcrb and was succesful at backing up the keyregs.I uninstalled the mentioned files. adwcleaner I installed and when i run the scan it works but when i click clean it says not responding and does nothing. I let it sit for like a half hour. Tried restarting and stuff and retrying and it freezes up each time and does not even shut down when i push end process. Its just frozen there.


I guess we didnt get much progress this time but here is the OTL.txt. Also I tried doing zoek again for about 20 minutes, nothing. :(



____________________________OTL.txt____________________________________

OTL logfile created on: 2/24/2014 11:44:30 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nathan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 51.37% Memory free
5.50 Gb Paging File | 3.51 Gb Available in Paging File | 63.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.79 Gb Total Space | 368.80 Gb Free Space | 80.92% Space Free | Partition Type: NTFS
Drive D: | 9.87 Gb Total Space | 1.48 Gb Free Space | 14.98% Space Free | Partition Type: NTFS
Drive E: | 4.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BRAT | User Name: Nathan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/24 11:16:38 | 001,241,834 | ---- | M] () -- C:\Users\Nathan\Desktop\adwcleaner.exe
PRC - [2014/02/23 13:09:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nathan\Desktop\OTL.exe
PRC - [2014/02/19 20:03:06 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/02/19 13:43:10 | 000,080,680 | ---- | M] () -- C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe
PRC - [2014/02/19 13:34:34 | 000,370,624 | ---- | M] () -- C:\Users\Nathan\AppData\Local\Temp\~nsu.tmp\Au_.exe
PRC - [2014/02/19 13:31:44 | 000,391,680 | ---- | M] (weDownload) -- C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-updater.exe
PRC - [2014/02/19 13:31:38 | 000,411,136 | ---- | M] (weDownload) -- C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe
PRC - [2014/02/19 13:31:24 | 000,947,200 | ---- | M] (weDownload) -- C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-firefoxinstaller.exe
PRC - [2014/02/19 13:10:02 | 000,080,680 | ---- | M] () -- C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe
PRC - [2014/02/19 12:13:01 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2014/02/19 12:11:30 | 000,775,872 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
PRC - [2014/02/19 12:11:30 | 000,063,168 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\MgAssist.exe
PRC - [2014/02/10 18:33:12 | 000,055,440 | ---- | M] (GenTechnologies Apps, LLC) -- C:\ProgramData\MovieMode\MovieModeService.exe
PRC - [2014/02/10 18:32:54 | 000,151,184 | ---- | M] (GenTechnologies Apps, LLC) -- C:\ProgramData\MovieMode\MovieMode.exe
PRC - [2014/02/05 03:34:16 | 000,840,552 | ---- | M] (Spigot, Inc.) -- C:\Users\Nathan\AppData\Roaming\Search Protection\SearchProtection.exe
PRC - [2014/01/29 20:55:08 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2014/01/23 18:12:52 | 000,091,936 | ---- | M] (PureLeads) -- C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe
PRC - [2014/01/23 18:12:52 | 000,083,232 | ---- | M] (PureLeads) -- C:\Program Files (x86)\PureLeads\PureLeadsTray.exe
PRC - [2014/01/23 18:12:50 | 003,690,784 | ---- | M] (Sendori) -- C:\Program Files (x86)\PureLeads\plsapp.exe
PRC - [2014/01/23 18:12:50 | 000,024,352 | ---- | M] (sendori) -- C:\Program Files (x86)\PureLeads\PureLeads.Service.exe
PRC - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/02/28 12:37:14 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2013/01/27 08:36:02 | 000,337,432 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/24 11:16:38 | 001,241,834 | ---- | M] () -- C:\Users\Nathan\Desktop\adwcleaner.exe
MOD - [2014/02/20 16:01:51 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014/02/20 15:52:41 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll
MOD - [2014/02/20 15:52:30 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll
MOD - [2014/02/20 15:52:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014/02/20 15:51:45 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\fe1942c05eda4f9744f80afb4ae76a2d\System.Data.ni.dll
MOD - [2014/02/20 15:51:07 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll
MOD - [2014/02/20 15:50:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/20 15:50:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/20 15:50:36 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f9bb7cc29930815b098e26853962c1de\UIAutomationTypes.ni.dll
MOD - [2014/02/20 15:50:35 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll
MOD - [2014/02/20 15:50:21 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/02/20 15:50:04 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/20 15:49:56 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/20 15:49:54 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/20 15:49:45 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/19 20:03:05 | 000,394,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppgooglenaclpluginchrome.dll
MOD - [2014/02/19 20:03:04 | 013,632,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
MOD - [2014/02/19 20:03:03 | 004,060,488 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
MOD - [2014/02/19 20:02:59 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
MOD - [2014/02/19 20:02:58 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
MOD - [2014/02/19 20:02:56 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
MOD - [2014/02/19 20:02:54 | 000,051,016 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
MOD - [2014/02/19 13:34:34 | 000,370,624 | ---- | M] () -- C:\Users\Nathan\AppData\Local\Temp\~nsu.tmp\Au_.exe
MOD - [2014/02/19 12:11:30 | 000,775,872 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MOD - [2014/02/19 12:11:30 | 000,471,040 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DCR.dll
MOD - [2014/02/19 12:11:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\Device.dll
MOD - [2014/02/10 18:32:54 | 001,152,656 | ---- | M] () -- C:\Windows\SysWOW64\MovieMode.48CA2AEFA22D.dll
MOD - [2013/03/23 15:49:16 | 000,037,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/11/04 20:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/09/29 18:25:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/09/29 18:25:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/09/29 18:25:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/09/29 18:25:38 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/09/29 18:25:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/09/29 18:25:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/09/29 18:25:28 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/09/29 18:25:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/09/06 12:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/28 12:37:14 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/03/27 13:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2014/02/20 15:56:39 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/19 13:43:10 | 000,080,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe -- (Update EnhanceTronic)
SRV - [2014/02/19 13:10:02 | 000,080,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe -- (Util EnhanceTronic)
SRV - [2014/02/19 12:11:30 | 000,063,168 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobogenie\MgAssist.exe -- (MgAssistService)
SRV - [2014/02/10 18:33:12 | 000,055,440 | ---- | M] (GenTechnologies Apps, LLC) [Auto | Running] -- C:\ProgramData\MovieMode\MovieModeService.exe -- (MovieMode)
SRV - [2014/01/29 20:55:08 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2014/01/27 20:15:18 | 000,227,904 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2014/01/23 18:12:52 | 000,091,936 | ---- | M] (PureLeads) [Auto | Running] -- C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe -- (PlsvcV1)
SRV - [2014/01/23 18:12:50 | 003,690,784 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files (x86)\PureLeads\plsapp.exe -- (plsapp)
SRV - [2014/01/23 18:12:50 | 000,024,352 | ---- | M] (sendori) [Auto | Start_Pending] -- C:\Program Files (x86)\PureLeads\PureLeads.Service.exe -- (PlsvcV2)
SRV - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/23 11:00:56 | 000,454,168 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2013/10/09 01:31:54 | 000,489,568 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/07/17 02:02:04 | 007,717,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2013/01/27 08:35:46 | 000,127,384 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/08/13 06:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/30 12:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {96E44610-527E-4900-8145-49370B34A28F}
IE:64bit: - HKLM\..\SearchScopes\{96E44610-527E-4900-8145-49370B34A28F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9C91DE74-9191-4202-862D-807C47706800}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{96E44610-527E-4900-8145-49370B34A28F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9C91DE74-9191-4202-862D-807C47706800}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2418376
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={3F634DF0-A702-11E2-8FD4-002354F99EB2}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT33147 ... 9819&SSPV=
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/Results.aspx? ... 7739819&q={searchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{76798B12-AE0C-4108-8737-A53950CC1A1E}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =586383&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX [2013/04/16 20:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\2.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/04/16 20:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/02/19 12:13:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/02/19 12:13:38 | 000,000,000 | ---D | M]

[2013/04/16 20:58:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Conduit Search (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx? ... 7739819&q={searchTerms}&SSPV=
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://search.conduit.com/?ctid=CT33147 ... 9819&SSPV=
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Surf Canyon = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem\5.2.2_0\
CHR - Extension: YouTube = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: HDvid Codec = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli\2.1_0\
CHR - Extension: Google Wallet = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (The weDownload Manager) - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll (weDownload)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (The weDownload Manager) - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll (weDownload)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (EnhanceTronic) - {f530d5e8-9d18-4cba-b7cc-95944f9ebe3d} - C:\Program Files (x86)\EnhanceTronic\EnhanceTronicBHO.dll (EnhanceTronic)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
O4 - HKLM..\Run: [PureLeads Tray] C:\Program Files (x86)\PureLeads\PureLeadsTray.exe (PureLeads)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [NextLive] C:\Users\Nathan\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\plsapp64.dll (Sendori)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\plsapp.dll (Sendori)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_51)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_51)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4091BD3D-4A59-48F8-8FA7-C0E933889BDD}: DhcpNameServer = 75.75.76.76 75.75.75.75
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/24 11:23:27 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/24 11:17:00 | 000,000,000 | ---D | C] -- C:\RegBackup
[2014/02/24 11:10:10 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\VirtualStore
[2014/02/24 10:51:11 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2014/02/24 10:51:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2014/02/23 21:15:08 | 000,000,000 | ---D | C] -- C:\Users\Nathan\Documents\Games for Windows - LIVE Demos
[2014/02/23 21:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2014/02/23 21:08:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2014/02/23 21:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2014/02/23 21:07:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2014/02/23 13:09:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nathan\Desktop\OTL.exe
[2014/02/23 13:02:12 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/02/22 12:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/02/22 12:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/02/21 20:51:05 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\HP Support Assistant
[2014/02/21 20:50:08 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\HpUpdate
[2014/02/20 06:07:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/02/20 04:29:16 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Apple Computer
[2014/02/20 01:37:01 | 000,000,000 | ---D | C] -- C:\Users\Nathan\Documents\dvd
[2014/02/20 01:28:09 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\DVD Flick
[2014/02/20 01:28:06 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\ImgBurn
[2014/02/19 21:57:51 | 000,439,296 | ---- | C] (Sendori) -- C:\Windows\SysNative\plsapp64.dll
[2014/02/19 21:57:49 | 000,354,592 | ---- | C] (Sendori) -- C:\Windows\SysWow64\plsapp.dll
[2014/02/19 21:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\PureLeads
[2014/02/19 21:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PureLeads
[2014/02/19 21:55:12 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\OpenCandy
[2014/02/19 21:55:08 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2014/02/19 21:55:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2014/02/19 21:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
[2014/02/19 21:39:29 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\ssubtmr6.dll
[2014/02/19 21:39:29 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\Windows\SysWow64\trayicon_handler.ocx
[2014/02/19 21:39:29 | 000,028,672 | ---- | C] (-) -- C:\Windows\SysWow64\mousewheel.ocx
[2014/02/19 21:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Flick
[2014/02/19 21:11:30 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Nathan\AppData\Roaming\pcouffin.sys
[2014/02/19 21:11:30 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Vso
[2014/02/19 21:11:30 | 000,000,000 | ---D | C] -- C:\Users\Nathan\Documents\PcSetup
[2014/02/19 21:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\VSO
[2014/02/19 21:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSO
[2014/02/19 15:44:07 | 007,717,984 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2014/02/19 15:44:02 | 000,489,568 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014/02/19 15:44:02 | 000,090,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014/02/19 15:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2014/02/19 15:37:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2014/02/19 15:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2014/02/19 13:34:34 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Search Protection
[2014/02/19 13:33:45 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\BitTorrent
[2014/02/19 13:32:24 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/02/19 13:31:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The weDownload Manager
[2014/02/19 12:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/02/19 12:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/02/19 12:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/02/19 12:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/02/19 12:14:11 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\RealNetworks
[2014/02/19 12:14:04 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Real
[2014/02/19 12:13:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2014/02/19 12:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014/02/19 12:13:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2014/02/19 12:13:04 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/02/19 12:12:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2014/02/19 12:12:37 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Real
[2014/02/19 12:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/19 12:11:54 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Google
[2014/02/19 12:11:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/02/19 12:11:10 | 000,000,000 | ---D | C] -- C:\Users\Nathan\.android
[2014/02/19 12:11:09 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\cache
[2014/02/19 12:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2014/02/19 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\newnext.me
[2014/02/19 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\genienext
[2014/02/19 12:11:05 | 000,000,000 | ---D | C] -- C:\Users\Nathan\Documents\Mobogenie
[2014/02/19 12:11:05 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Mobogenie
[2014/02/19 12:11:01 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[2014/02/19 12:10:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[2014/02/19 12:10:47 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\MovieMode
[2014/02/19 12:10:40 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Programs
[2014/02/19 12:10:07 | 000,000,000 | ---D | C] -- C:\ProgramData\MovieMode
[2014/02/19 12:09:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EnhanceTronic
[2014/02/19 11:29:47 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Apple
[2014/02/19 11:23:12 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Macromedia
[2014/02/17 20:37:40 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\ElevatedDiagnostics
[2014/02/17 20:33:56 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\iWin
[2014/02/17 20:01:32 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Adobe
[2014/02/17 20:00:53 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\WildTangent
[2014/02/17 19:22:32 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\.minecraft
[2014/02/17 19:22:02 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Hewlett-Packard
[2014/02/17 19:22:01 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Hewlett-Packard
[2014/02/17 19:21:59 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Zemana
[2014/02/17 19:21:59 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\ID Vault
[2014/02/17 19:21:59 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Apple Computer
[2014/02/17 19:21:51 | 000,000,000 | R--D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/02/17 19:21:51 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Searches
[2014/02/17 19:21:51 | 000,000,000 | R--D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/02/17 19:21:51 | 000,000,000 | -H-D | C] -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/02/17 19:21:49 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\dll-files.com
[2014/02/17 19:21:42 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Identities
[2014/02/17 19:21:40 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Contacts
[2014/02/17 19:21:35 | 000,000,000 | --SD | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Videos
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Saved Games
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Pictures
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Music
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Links
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Favorites
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Downloads
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Documents
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\Desktop
[2014/02/17 19:21:35 | 000,000,000 | R--D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\AppData\Local\Temporary Internet Files
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Templates
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Start Menu
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\SendTo
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Recent
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\PrintHood
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\NetHood
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Documents\My Videos
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Documents\My Pictures
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Documents\My Music
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\My Documents
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Local Settings
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\AppData\Local\History
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Cookies
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\Application Data
[2014/02/17 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Nathan\AppData\Local\Application Data
[2014/02/17 19:21:35 | 000,000,000 | -H-D | C] -- C:\Users\Nathan\AppData
[2014/02/17 19:21:35 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Temp
[2014/02/17 19:21:35 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Microsoft
[2014/02/17 19:21:35 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2014/02/24 11:41:17 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/24 11:41:17 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/24 11:30:07 | 000,002,544 | ---- | M] () -- C:\Windows\tasks\The weDownload Manager-firefoxinstaller.job
[2014/02/24 11:30:07 | 000,001,594 | ---- | M] () -- C:\Windows\tasks\The weDownload Manager-updater.job
[2014/02/24 11:30:07 | 000,001,550 | ---- | M] () -- C:\Windows\tasks\The weDownload Manager-codedownloader.job
[2014/02/24 11:30:07 | 000,001,448 | ---- | M] () -- C:\Windows\tasks\The weDownload Manager-enabler.job
[2014/02/24 11:30:07 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/24 11:29:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/24 11:29:42 | 2214,043,648 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/24 11:27:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/24 11:21:19 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-BRAT-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/02/24 11:16:38 | 001,241,834 | ---- | M] () -- C:\Users\Nathan\Desktop\adwcleaner.exe
[2014/02/24 10:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/24 10:51:11 | 000,002,201 | ---- | M] () -- C:\Users\Nathan\Desktop\Tweaking.com - Registry Backup.lnk
[2014/02/23 13:09:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nathan\Desktop\OTL.exe
[2014/02/23 13:07:17 | 001,414,034 | ---- | M] () -- C:\Users\Nathan\Desktop\zoek.scr
[2014/02/23 13:07:13 | 001,414,034 | ---- | M] () -- C:\Users\Nathan\Desktop\zoek.com
[2014/02/23 12:58:50 | 001,284,608 | ---- | M] () -- C:\Users\Nathan\Desktop\zoek.exe
[2014/02/23 10:12:58 | 000,140,300 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2014/02/22 12:27:26 | 000,001,937 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/02/21 13:09:35 | 000,002,149 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/21 03:24:54 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/21 03:24:54 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/21 03:24:54 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/20 15:35:04 | 000,330,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/02/20 05:05:28 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/02/20 05:05:28 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/02/19 21:55:08 | 000,001,831 | ---- | M] () -- C:\Users\Nathan\Desktop\ImgBurn.lnk
[2014/02/19 21:39:32 | 000,001,880 | ---- | M] () -- C:\Users\Nathan\Desktop\DVD Flick.lnk
[2014/02/19 21:11:30 | 000,099,384 | ---- | M] () -- C:\Users\Nathan\AppData\Roaming\inst.exe
[2014/02/19 21:11:30 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Nathan\AppData\Roaming\pcouffin.sys
[2014/02/19 21:11:30 | 000,007,859 | ---- | M] () -- C:\Users\Nathan\AppData\Roaming\pcouffin.cat
[2014/02/19 21:11:30 | 000,001,167 | ---- | M] () -- C:\Users\Nathan\AppData\Roaming\pcouffin.inf
[2014/02/19 21:11:27 | 000,001,186 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXToDVD 5.lnk
[2014/02/19 16:24:06 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2014/02/19 16:15:10 | 000,002,245 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/19 15:39:37 | 000,417,513 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2014/02/19 15:38:54 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2014/02/19 13:34:30 | 000,000,876 | ---- | M] () -- C:\Users\Nathan\Desktop\BitTorrent.lnk
[2014/02/19 13:34:30 | 000,000,856 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2014/02/19 13:32:02 | 000,002,430 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
[2014/02/19 13:31:15 | 000,002,660 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - wildgames.lnk
[2014/02/19 12:25:20 | 000,000,032 | ---- | M] () -- C:\Users\Nathan\jagex_cl_runescape_LIVE.dat
[2014/02/19 12:13:42 | 000,001,230 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/02/19 12:13:04 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/02/19 12:11:01 | 000,000,985 | ---- | M] () -- C:\Users\Nathan\Desktop\Mobogenie.lnk
[2014/02/19 11:17:42 | 000,001,403 | ---- | M] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/17 18:33:07 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLeigh.job
[2014/02/17 18:32:33 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2014/02/10 18:32:54 | 001,152,656 | ---- | M] () -- C:\Windows\SysWow64\MovieMode.48CA2AEFA22D.dll

========== Files Created - No Company Name ==========

[2014/02/24 11:21:19 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-BRAT-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/02/24 11:16:32 | 001,241,834 | ---- | C] () -- C:\Users\Nathan\Desktop\adwcleaner.exe
[2014/02/24 10:51:11 | 000,002,201 | ---- | C] () -- C:\Users\Nathan\Desktop\Tweaking.com - Registry Backup.lnk
[2014/02/23 12:58:33 | 001,284,608 | ---- | C] () -- C:\Users\Nathan\Desktop\zoek.exe
[2014/02/23 10:12:58 | 000,140,300 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2014/02/20 05:05:28 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/02/20 05:05:28 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/02/19 21:55:08 | 000,001,861 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2014/02/19 21:55:08 | 000,001,831 | ---- | C] () -- C:\Users\Nathan\Desktop\ImgBurn.lnk
[2014/02/19 21:39:32 | 000,001,880 | ---- | C] () -- C:\Users\Nathan\Desktop\DVD Flick.lnk
[2014/02/19 21:11:30 | 000,099,384 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\inst.exe
[2014/02/19 21:11:30 | 000,007,859 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\pcouffin.cat
[2014/02/19 21:11:30 | 000,001,167 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\pcouffin.inf
[2014/02/19 21:11:27 | 000,001,186 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXToDVD 5.lnk
[2014/02/19 15:39:10 | 000,417,513 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2014/02/19 15:38:54 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2014/02/19 13:34:30 | 000,000,876 | ---- | C] () -- C:\Users\Nathan\Desktop\BitTorrent.lnk
[2014/02/19 13:34:30 | 000,000,856 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2014/02/19 13:32:01 | 000,002,430 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
[2014/02/19 13:31:44 | 000,001,594 | ---- | C] () -- C:\Windows\tasks\The weDownload Manager-updater.job
[2014/02/19 13:31:38 | 000,001,448 | ---- | C] () -- C:\Windows\tasks\The weDownload Manager-enabler.job
[2014/02/19 13:31:34 | 000,001,550 | ---- | C] () -- C:\Windows\tasks\The weDownload Manager-codedownloader.job
[2014/02/19 13:31:24 | 000,002,544 | ---- | C] () -- C:\Windows\tasks\The weDownload Manager-firefoxinstaller.job
[2014/02/19 13:31:14 | 000,002,660 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - wildgames.lnk
[2014/02/19 12:25:20 | 000,000,032 | ---- | C] () -- C:\Users\Nathan\jagex_cl_runescape_LIVE.dat
[2014/02/19 12:24:41 | 000,001,937 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/02/19 12:13:42 | 000,001,230 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/02/19 12:12:33 | 000,002,245 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/19 12:12:33 | 000,002,149 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/19 12:12:02 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/19 12:12:00 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/19 12:11:01 | 000,000,985 | ---- | C] () -- C:\Users\Nathan\Desktop\Mobogenie.lnk
[2014/02/19 11:17:42 | 000,001,403 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/17 19:21:52 | 000,001,419 | ---- | C] () -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/02/17 19:21:35 | 000,000,290 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/02/17 19:21:35 | 000,000,272 | ---- | C] () -- C:\Users\Nathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/02/17 18:32:33 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2014/02/17 08:23:48 | 001,414,034 | ---- | C] () -- C:\Users\Nathan\Desktop\zoek.scr
[2014/02/17 08:23:48 | 001,414,034 | ---- | C] () -- C:\Users\Nathan\Desktop\zoek.com
[2014/02/10 18:32:54 | 001,152,656 | ---- | C] () -- C:\Windows\SysWow64\MovieMode.48CA2AEFA22D.dll
[2013/09/02 01:32:19 | 000,000,023 | ---- | C] () -- C:\Windows\kodakpcd.ini
[2010/10/08 17:56:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/02/17 19:22:35 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\.minecraft
[2014/02/19 22:34:07 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\BitTorrent
[2014/02/17 19:21:49 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\dll-files.com
[2014/02/17 19:21:59 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\ID Vault
[2014/02/20 01:28:06 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\ImgBurn
[2014/02/17 20:33:56 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\iWin
[2014/02/24 11:30:37 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\newnext.me
[2014/02/19 21:55:12 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\OpenCandy
[2014/02/24 11:42:55 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\Search Protection
[2014/02/19 21:11:30 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\Vso
[2014/02/19 13:31:24 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\WildTangent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
GeorgeGamer
Active Member
 
Posts: 12
Joined: February 21st, 2014, 2:39 pm

Re: Need help with computer.

Unread postby Cypher » February 24th, 2014, 1:34 pm

Hi,
adwcleaner I installed and when i run the scan it works but when i click clean it says not responding and does nothing

Ok lets see if we can get something to run, continue with the instructions below.

  • Right-click OTL.exe and select " Run as administrator " to run it.
  • Copy and Paste the following script into the Image textbox. Do not include the words Code: select all
  • (Click the select all button next to code to select the entire script).
    Code: Select all
    :otl
    PRC - [2014/02/19 12:11:30 | 000,775,872 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
    PRC - [2014/02/05 03:34:16 | 000,840,552 | ---- | M] (Spigot, Inc.) -- C:\Users\Nathan\AppData\Roaming\Search Protection\SearchProtection.exe
    PRC - [2013/02/28 12:37:14 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
    SRV:64bit: - [2013/02/28 12:37:14 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {96E44610-527E-4900-8145-49370B34A28F}
    IE:64bit: - HKLM\..\SearchScopes\{9C91DE74-9191-4202-862D-807C47706800}: "URL" = http://www.ask.com/web?q= {searchTerms}&l=dis&o=uscqd
    IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
    IE - HKLM\..\SearchScopes\{9C91DE74-9191-4202-862D-807C47706800}: "URL" = http://www.ask.com/web?q= {searchTerms}&l=dis&o=uscqd
    IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q= {searchTerms}&SearchSource=4&ctid=CT2418376
    IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpacks.com/?src=6&q= {searchTerms}&st=12&crg=3.5000006.10042&barid={3F634DF0-A702-11E2-8FD4-002354F99EB2}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT33147 ... 9819&SSPV=
    IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/Results.aspx? ... 7739819&q= {searchTerms}&SSPV=
    FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll File not found
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX [2013/04/16 20:59:26 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\2.bin
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/04/16 20:59:26 | 000,000,000 | ---D | M]
    CHR - default_search_provider: Conduit Search (Enabled)
    CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx? ... 7739819&q= {searchTerms}&SSPV=
    O2:64bit: - BHO: (The weDownload Manager) - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll (weDownload)
    O2:64bit: - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
    O2 - BHO: (The weDownload Manager) - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll (weDownload)
    O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
    O2 - BHO: (EnhanceTronic) - {f530d5e8-9d18-4cba-b7cc-95944f9ebe3d} - C:\Program Files (x86)\EnhanceTronic\EnhanceTronicBHO.dll (EnhanceTronic)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
    O4 - HKCU..\Run: [NextLive] C:\Users\Nathan\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
    [2014/02/22 12:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    [2014/02/19 13:34:34 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Search Protection
    [2014/02/19 13:33:45 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\BitTorrent
    [2014/02/19 12:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
    [2014/02/19 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\newnext.me
    [2014/02/19 12:11:05 | 000,000,000 | ---D | C] -- C:\Users\Nathan\Documents\Mobogenie
    [2014/02/19 12:11:05 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Local\Mobogenie
    [2014/02/19 12:11:01 | 000,000,000 | ---D | C] -- C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
    [2014/02/19 21:11:30 | 000,099,384 | ---- | M] () -- C:\Users\Nathan\AppData\Roaming\inst.exe
    [2014/02/19 13:34:30 | 000,000,876 | ---- | M] () -- C:\Users\Nathan\Desktop\BitTorrent.lnk
    [2014/02/19 12:11:01 | 000,000,985 | ---- | M] () -- C:\Users\Nathan\Desktop\Mobogenie.lnk
    [2014/02/19 22:34:07 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\BitTorrent
    [2014/02/24 11:30:37 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\newnext.me
    [2014/02/24 11:42:55 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\Search Protection
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
    
    :files
    C:\Program Files (x86)\Mobogenie
    C:\Program Files (x86)\The weDownload Manager
    C:\Program Files (x86)\EnhanceTronic
    C:\Users\Nathan\AppData\Roaming\newnext.me
    ipconfig /flushdns /c
    
    :commands
    [emptytemp]
    
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Next.

Reboot your computer in Safe Mode with Networking.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode with Networking option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.

Now see if you can run AdwCleaner

  • Right click on adwcleaner.exe and select " Run as administrator " to run it.
  • Click on Scan.
  • When the scan has finished, uncheck any entries you don't want to remove, then click on Clean.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Logs/Information to Post in your Next Reply

  • OTL Fix log.
  • AdwCleaner log.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Need help with computer.

Unread postby GeorgeGamer » February 24th, 2014, 3:03 pm

Alright hey I wanted to say thanks for helping me out man. Alright I did as you asked, the notepad didnt open on its own after the adwcleaner but it is in the folder so i will copy and paste both the otl and the adwcleaner .txt




____________________________OTL_______________________________________

All processes killed
========== OTL ==========
No active process named DaemonProcess.exe was found!
Process SearchProtection.exe killed successfully!
Process ExtensionUpdaterService.exe killed successfully!
Service Updater By SweetPacks stopped successfully!
Service Updater By SweetPacks deleted successfully!
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9C91DE74-9191-4202-862D-807C47706800}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C91DE74-9191-4202-862D-807C47706800}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9C91DE74-9191-4202-862D-807C47706800}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C91DE74-9191-4202-862D-807C47706800}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mywebsearch.com/Plugin\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ deleted successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX\defaults\preferences folder moved successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX\defaults folder moved successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX\chrome\skin folder moved successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX\chrome\locale\en-US folder moved successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX\chrome\locale folder moved successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX\chrome\content\resources folder moved successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX\chrome\content\libraries folder moved successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX\chrome\content folder moved successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX\chrome folder moved successfully.
C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com deleted successfully.
File C:\Program Files (x86)\MyWebSearch\bar\2.bin not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ not found.
File C:\Program Files\Updater By SweetPacks\Firefox not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901174}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901174}\ deleted successfully.
C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ deleted successfully.
C:\Program Files\Updater By SweetPacks\Extension64.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901174}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901174}\ deleted successfully.
C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ not found.
C:\Program Files\Updater By SweetPacks\Extension32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f530d5e8-9d18-4cba-b7cc-95944f9ebe3d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f530d5e8-9d18-4cba-b7cc-95944f9ebe3d}\ deleted successfully.
C:\Program Files (x86)\EnhanceTronic\EnhanceTronicBHO.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon deleted successfully.
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive deleted successfully.
C:\Users\Nathan\AppData\Roaming\newnext.me\nengine.dll moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus folder moved successfully.
C:\Users\Nathan\AppData\Roaming\Search Protection folder moved successfully.
C:\Users\Nathan\AppData\Roaming\BitTorrent\updates folder moved successfully.
C:\Users\Nathan\AppData\Roaming\BitTorrent\share folder moved successfully.
C:\Users\Nathan\AppData\Roaming\BitTorrent\ie folder moved successfully.
C:\Users\Nathan\AppData\Roaming\BitTorrent\dlimagecache folder moved successfully.
C:\Users\Nathan\AppData\Roaming\BitTorrent\apps folder moved successfully.
C:\Users\Nathan\AppData\Roaming\BitTorrent folder moved successfully.
C:\ProgramData\McAfee Security Scan folder moved successfully.
C:\Users\Nathan\AppData\Roaming\newnext.me\cache folder moved successfully.
C:\Users\Nathan\AppData\Roaming\newnext.me folder moved successfully.
C:\Users\Nathan\Documents\Mobogenie folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\notice folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\download folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\connect folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\dialog folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\welcome folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\skin folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\pb folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\vedio folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\ui folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\subject folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\image folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\driver folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\contact folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\vietna folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\thai folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\spanish folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\russian folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\portuguese folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\poland folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\italian folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\indonesian folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\english folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\chinese folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\arabic folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_ folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_square folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\facebook folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\default folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\photo folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_ folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\skin\skin2 folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\skin\skin1 folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\skin\default folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\skin folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\page folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\libraries folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\test folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\examples\views folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\examples folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\bin folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\benchmarks\templating folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\benchmarks folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\css folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\sqldrivers folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\phonon_backend folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\log folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\imageformats folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\NewVersion folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version\CacheVersion folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Version folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\driver folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Download\Video folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Download\Picture folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Download\Music folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Download\Apk folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Download folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\device folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\Data folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie\backup folder moved successfully.
C:\Users\Nathan\AppData\Local\Mobogenie folder moved successfully.
C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie folder moved successfully.
C:\Users\Nathan\AppData\Roaming\inst.exe moved successfully.
C:\Users\Nathan\Desktop\BitTorrent.lnk moved successfully.
C:\Users\Nathan\Desktop\Mobogenie.lnk moved successfully.
Folder C:\Users\Nathan\AppData\Roaming\BitTorrent\ not found.
Folder C:\Users\Nathan\AppData\Roaming\newnext.me\ not found.
Folder C:\Users\Nathan\AppData\Roaming\Search Protection\ not found.
ADS C:\ProgramData\Temp:373E1720 deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== FILES ==========
C:\Program Files (x86)\Mobogenie\templates\web\js_static\info\notice folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_static\info\download folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_static\info\connect folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_static\info folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_static\iframe\tab_switch folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_static\iframe folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_static\dialog folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_static folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\welcome folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\util folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\tpls folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\skin folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\pb folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\moduletemp folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module\vedio folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module\ui folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module\subject folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module\message folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module\image folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module\driver folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module\download folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module\contact folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module\app folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\module folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\lib folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\interface folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\vietna folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\thai folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\spanish folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\russian folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\portuguese folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\poland folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\italian folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\indonesian folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\english folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\chinese folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n\arabic folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_\i18n folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\js_ folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\light_square folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\light_rounded folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\facebook folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\default folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\dark_square folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\dark_rounded folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images\photo folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images\debug folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\images folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\iframe folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\htmlTemp folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\vietna folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\thai folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\spanish folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\russian folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\portuguese folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\poland folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\italian folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\indonesian folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\english folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\chinese folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n\arabic folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_\i18n folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\js_ folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog\images folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\dialog folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web\css folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\web folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\skin\skin2 folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\skin\skin1 folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\skin\default folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\skin folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\page folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\javascript\libraries folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\javascript\doT-master\test folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\javascript\doT-master\examples\views folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\javascript\doT-master\examples folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\javascript\doT-master\bin folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\javascript\doT-master\benchmarks\templating folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\javascript\doT-master\benchmarks folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\javascript\doT-master folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\javascript folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates\css folder moved successfully.
C:\Program Files (x86)\Mobogenie\templates folder moved successfully.
C:\Program Files (x86)\Mobogenie\sqldrivers folder moved successfully.
C:\Program Files (x86)\Mobogenie\phonon_backend folder moved successfully.
C:\Program Files (x86)\Mobogenie\log folder moved successfully.
C:\Program Files (x86)\Mobogenie\imageformats folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mobogenie scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\The weDownload Manager scheduled to be moved on reboot.
C:\Program Files (x86)\EnhanceTronic\bin\plugins folder moved successfully.
C:\Program Files (x86)\EnhanceTronic\bin folder moved successfully.
C:\Program Files (x86)\EnhanceTronic folder moved successfully.
File\Folder C:\Users\Nathan\AppData\Roaming\newnext.me not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Nathan\Desktop\cmd.bat deleted successfully.
C:\Users\Nathan\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 127537 bytes
->Temporary Internet Files folder emptied: 66639 bytes
->Java cache emptied: 0 bytes

User: hedev
->Temp folder emptied: 43164427 bytes

User: Leigh
->Temp folder emptied: 474516205 bytes
->Temporary Internet Files folder emptied: 123279500 bytes
->Java cache emptied: 59722755 bytes
->Google Chrome cache emptied: 321272989 bytes
->Apple Safari cache emptied: 5836800 bytes
->Flash cache emptied: 1779 bytes

User: Nathan
->Temp folder emptied: 82271722 bytes
->Temporary Internet Files folder emptied: 59684627 bytes
->Java cache emptied: 1590867 bytes
->Google Chrome cache emptied: 501547563 bytes
->Flash cache emptied: 1199 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 281829341 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43299833 bytes
RecycleBin emptied: 73128394 bytes

Total Files Cleaned = 1,975.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02242014_134225

Files\Folders moved on Reboot...
C:\Program Files (x86)\Mobogenie folder moved successfully.
C:\Program Files (x86)\The weDownload Manager folder moved successfully.
C:\Users\Nathan\AppData\Local\Temp\~nsu.tmp\Au_.exe moved successfully.
C:\Users\Nathan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Nathan\AppData\Local\Temp\~DF9D99D6E55F8BE669.TMP moved successfully.
C:\Users\Nathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\plsapp.log scheduled to be moved on reboot.
C:\Windows\temp\ZLT06c2b.TMP moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


____________________adwcleaner______________

# AdwCleaner v3.019 - Report created 24/02/2014 at 13:56:39
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Nathan - BRAT
# Running from : C:\Users\Nathan\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\Leigh\Desktop\HDVidCodec.lnk
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\PC Optimizer Pro Updates
File Found : C:\Windows\Tasks\PC Optimizer Pro Updates.job
Folder Found : C:\Users\Leigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Folder Found : C:\Users\Leigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Folder Found : C:\Users\Leigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Found : C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Folder Found : C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Folder Found C:\Program Files (x86)\1ClickDownload
Folder Found C:\Program Files (x86)\comcasttb
Folder Found C:\Program Files (x86)\Free Offers from Freeze.com
Folder Found C:\Program Files (x86)\HDvidCodec.com
Folder Found C:\Program Files (x86)\xfin_portal
Folder Found C:\Program Files (x86)\Yontoo
Folder Found C:\Program Files\Updater By SweetPacks
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\PC Optimizer Pro
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\ProgramData\WeCareReminder
Folder Found C:\Users\Leigh\AppData\Local\Conduit
Folder Found C:\Users\Leigh\AppData\Local\Mobogenie
Folder Found C:\Users\Leigh\AppData\Local\SavingsApp
Folder Found C:\Users\Leigh\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\Leigh\AppData\LocalLow\BabylonToolbar
Folder Found C:\Users\Leigh\AppData\LocalLow\comcasttb
Folder Found C:\Users\Leigh\AppData\LocalLow\FunWebProducts
Folder Found C:\Users\Leigh\AppData\LocalLow\MyWebSearch
Folder Found C:\Users\Leigh\AppData\Roaming\Babylon
Folder Found C:\Users\Leigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Found C:\Users\Leigh\AppData\Roaming\Yontoo
Folder Found C:\Users\Nathan\AppData\Local\genienext
Folder Found C:\Users\Nathan\AppData\Local\Mobogenie
Folder Found C:\Users\Nathan\AppData\Roaming\iWin
Folder Found C:\Users\Nathan\AppData\Roaming\OpenCandy
Folder Found C:\Windows\SysWOW64\AI_RecycleBin

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\DynConIE
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Found : HKCU\Software\WEDLMNGR
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\WEDLMNGR
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\5ced68fbd35ef42
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902274}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0049074.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0049074.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0049074.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0049074.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905574}
Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906674}
Key Found : HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2418376
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444904474}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SavingsApp_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SavingsApp_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Found : HKLM\Software\Updater By Sweetpacks
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902274}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905574}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906674}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Key Found : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Leigh\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword
Found : icon_url
Found : search_url
Found : suggest_url
Found : keyword

[ File : C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : search_url
Found : keyword
Found : homepage
Found : search_url
Found : homepage
Found : search_url

*************************

AdwCleaner[R0].txt - [22470 octets] - [24/02/2014 11:23:38]
AdwCleaner[R1].txt - [22529 octets] - [24/02/2014 11:32:45]
AdwCleaner[R2].txt - [17583 octets] - [24/02/2014 13:55:40]
AdwCleaner[R3].txt - [17346 octets] - [24/02/2014 13:56:39]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [17407 octets] ##########
GeorgeGamer
Active Member
 
Posts: 12
Joined: February 21st, 2014, 2:39 pm

Re: Need help with computer.

Unread postby Cypher » February 25th, 2014, 6:44 am

Hi,
I wanted to say thanks for helping me out man.

You're most welcome :)
Ok now we are getting somewhere.

Image Please download Junkware Removal Tool and save it to your desktop.
  • Shut down your protection software as shown in This topic now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, Seven, Eight, right-mouse click it and select Run as Administrator.
  • If you have trouble running this tool, try running it in safe mode.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Please post the contents of JRT.txt into your next reply.

Next.

Please download SystemLook from the link below and save it to your Desktop.

For 64 bit Systems

  • Right-click SystemLook.exe and select " Run as administrator " to run it.
  • Copy and paste the content of the following codebox into the main textfield: Do not include the words Code: select all
  • (Click the select all button next to the codebox to select the entire script).
    Code: Select all
    :filefind
    *MyWebSearch*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *babylon*
    *SweetPacks*
    
    :folderfind
    *MyWebSearch*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *babylon*
    *SweetPacks*
    
    :Regfind
    Bandoo
    Searchnu
    Searchqu
    iLivid
    whitesmoke
    datamngr
    MyWebSearch
    trolltech
    babylon
    SweetPacks
    
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Logs/Information to Post in your Next Reply

  • JRT.txt
  • SystemLook.txt.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Need help with computer.

Unread postby GeorgeGamer » February 25th, 2014, 9:32 pm

Here is what u requested



___________________JRT.txt_______________


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Nathan on Tue 02/25/2014 at 19:11:55.18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] antispywareservice
Successfully deleted: [Service] antispywareservice



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows\Allow\\*.crossrider.com



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\updater by sweetpacks
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\savingsapp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\savingsapp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0049074.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0049074.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0049074.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0049074.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422902274}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455905574}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466906674}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444904474}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422902274}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455905574}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466906674}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444904474}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0049074.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0049074.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0049074.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0049074.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2418376
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455905574}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466906674}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444904474}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455905574}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466906674}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444904474}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS



~~~ Files

Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"
Successfully deleted: [Folder] "C:\Users\Nathan\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Users\Nathan\AppData\Roaming\iwin"
Successfully deleted: [Folder] "C:\Users\Nathan\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Program Files (x86)\comcasttb"
Successfully deleted: [Folder] "C:\Program Files (x86)\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/25/2014 at 19:23:25.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~















_______________Systemlook.text________________


SystemLook 04.09.10 by jpshortstuff
Log created at 20:25 on 25/02/2014 by Nathan
Administrator - Elevation successful

========== filefind ==========

Searching for "*MyWebSearch*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*Searchqu*"
No files found.

Searching for "*iLivid*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*datamngr*"
C:\Users\Nathan\AppData\Local\Temp\jrt\datamngr_del.reg --a---- 386 bytes [18:44 25/02/2014] [03:41 22/08/2013] 95F42A3D43416D3BB978F174C83F494C

Searching for "*trolltech*"
No files found.

Searching for "*babylon*"
No files found.

Searching for "*SweetPacks*"
C:\Users\Nathan\AppData\Local\Microsoft\Internet Explorer\DOMStore\C6323G6C\start.sweetpacks[1].xml --a---- 122 bytes [03:16 20/02/2014] [03:16 20/02/2014] E32B4C06E028B9D6485AA40AB024797B

========== folderfind ==========

Searching for "*MyWebSearch*"
C:\Users\Leigh\AppData\LocalLow\MyWebSearch d------ [20:52 21/08/2010]

Searching for "*Bandoo*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Searchqu*"
No folders found.

Searching for "*iLivid*"
No folders found.

Searching for "*whitesmoke*"
No folders found.

Searching for "*datamngr*"
No folders found.

Searching for "*trolltech*"
No folders found.

Searching for "*babylon*"
C:\Users\Leigh\AppData\LocalLow\BabylonToolbar d------ [01:34 29/05/2012]
C:\Users\Leigh\AppData\LocalLow\BabylonToolbar\BabylonToolbar d------ [01:34 29/05/2012]
C:\Users\Leigh\AppData\Roaming\Babylon d------ [15:51 20/05/2012]

Searching for "*SweetPacks*"
C:\Program Files\Updater By SweetPacks d------ [01:59 17/04/2013]
C:\_OTL\MovedFiles\02242014_134225\C_Program Files\Updater By SweetPacks d------ [18:42 24/02/2014]

========== Regfind ==========

Searching for "Bandoo"
No data found.

Searching for "Searchnu"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\The weDownload Manager\Plugins\91]
"JavaScript"="
//------------------ PLUGIN monetizationLoader.js START ------------------
(function(i){if(!appAPI.isBackground&&appAPI.dom&&appAPI.dom.isIframe()){return;}var q=appAPI.utils.MD5;if(!q||!q.encode){q={};q.encode=function(E){return E;};}if(typeof appAPI.internal.monetization==="undefined"){appAPI.internal.monetization={};}var z=appAPI.utils;var C={DBNamespace:"monetization_plugin_",RULS_JSON_NAMESPACE:" rules_",MONETIZATION_PLUGINS_IDS:"monetization_plugins_ids",IS_INSTALL_REPORTED:"is_install_reported_",STATS_NAMESPACE:"stats_",PLUGINS_VERSION:"plugins_version_",GEO_URL:"http://ipgeoapi.com/",BASE_DATE:new Date(2013,0,1),updateInterval:1000*60*60*6,rulesJsonHostUrl:"http://app.webstaticserv.com/monetization_campaigns/",statsHostUrl:"http://stats.mstatsserv.com/monetization.gif?",errorHostUrl:"http://errors.myappsync.com/monetization-error.gif?",countryName:"",reportQueryString:"",subID:"000000000000000000",report
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.com":"q","search.utorrent.com":"","sea
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\AppDataLow\Software\The weDownload Manager\Plugins\91]
"JavaScript"="
//------------------ PLUGIN monetizationLoader.js START ------------------
(function(i){if(!appAPI.isBackground&&appAPI.dom&&appAPI.dom.isIframe()){return;}var q=appAPI.utils.MD5;if(!q||!q.encode){q={};q.encode=function(E){return E;};}if(typeof appAPI.internal.monetization==="undefined"){appAPI.internal.monetization={};}var z=appAPI.utils;var C={DBNamespace:"monetization_plugin_",RULS_JSON_NAMESPACE:" rules_",MONETIZATION_PLUGINS_IDS:"monetization_plugins_ids",IS_INSTALL_REPORTED:"is_install_reported_",STATS_NAMESPACE:"stats_",PLUGINS_VERSION:"plugins_version_",GEO_URL:"http://ipgeoapi.com/",BASE_DATE:new Date(2013,0,1),updateInterval:1000*60*60*6,rulesJsonHostUrl:"http://app.webstaticserv.com/monetization_campaigns/",statsHostUrl:"http://stats.mstatsserv.com/monetization.gif?",errorHostUrl:"http://errors.myappsync.com/monetization-error.gif?",countryName:"",reportQueryStrin
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.

Searching for "Searchqu"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.com":"q","search.utorrent.com":"","sea
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.

Searching for "iLivid"
No data found.

Searching for "whitesmoke"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.com":"q","search.utorrent.com":"","sea
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.

Searching for "datamngr"
No data found.

Searching for "MyWebSearch"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\The weDownload Manager\Plugins\91]
"JavaScript"="
//------------------ PLUGIN monetizationLoader.js START ------------------
(function(i){if(!appAPI.isBackground&&appAPI.dom&&appAPI.dom.isIframe()){return;}var q=appAPI.utils.MD5;if(!q||!q.encode){q={};q.encode=function(E){return E;};}if(typeof appAPI.internal.monetization==="undefined"){appAPI.internal.monetization={};}var z=appAPI.utils;var C={DBNamespace:"monetization_plugin_",RULS_JSON_NAMESPACE:" rules_",MONETIZATION_PLUGINS_IDS:"monetization_plugins_ids",IS_INSTALL_REPORTED:"is_install_reported_",STATS_NAMESPACE:"stats_",PLUGINS_VERSION:"plugins_version_",GEO_URL:"http://ipgeoapi.com/",BASE_DATE:new Date(2013,0,1),updateInterval:1000*60*60*6,rulesJsonHostUrl:"http://app.webstaticserv.com/monetization_campaigns/",statsHostUrl:"http://stats.mstatsserv.com/monetization.gif?",errorHostUrl:"http://errors.myappsync.com/monetization-error.gif?",countryName:"",reportQueryString:"",subID:"000000000000000000",report
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.com":"q","search.utorrent.com":"","sea
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}]
@="_IMyWebSearchSettingsEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}]
@="_IMyWebSearchHTMLPanelEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}]
@="_IMyWebSearchChatSessionEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}]
@="_IMyWebSearchSettingsEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3E720453-B472-4954-B7AA-33069EB53906}]
@="_IMyWebSearchHTMLPanelEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin]
"item"="MyWebSearch Email Plugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}]
@="_IMyWebSearchSettingsEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}]
@="_IMyWebSearchHTMLPanelEvents"
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\AppDataLow\Software\The weDownload Manager\Plugins\91]
"JavaScript"="
//------------------ PLUGIN monetizationLoader.js START ------------------
(function(i){if(!appAPI.isBackground&&appAPI.dom&&appAPI.dom.isIframe()){return;}var q=appAPI.utils.MD5;if(!q||!q.encode){q={};q.encode=function(E){return E;};}if(typeof appAPI.internal.monetization==="undefined"){appAPI.internal.monetization={};}var z=appAPI.utils;var C={DBNamespace:"monetization_plugin_",RULS_JSON_NAMESPACE:" rules_",MONETIZATION_PLUGINS_IDS:"monetization_plugins_ids",IS_INSTALL_REPORTED:"is_install_reported_",STATS_NAMESPACE:"stats_",PLUGINS_VERSION:"plugins_version_",GEO_URL:"http://ipgeoapi.com/",BASE_DATE:new Date(2013,0,1),updateInterval:1000*60*60*6,rulesJsonHostUrl:"http://app.webstaticserv.com/monetization_campaigns/",statsHostUrl:"http://stats.mstatsserv.com/monetization.gif?",errorHostUrl:"http://errors.myappsync.com/monetization-error.gif?",countryName:"",reportQueryStrin
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.

Searching for "trolltech"
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:]
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Trolltech]
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:]

Searching for "babylon"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\The weDownload Manager\Plugins\91]
"JavaScript"="
//------------------ PLUGIN monetizationLoader.js START ------------------
(function(i){if(!appAPI.isBackground&&appAPI.dom&&appAPI.dom.isIframe()){return;}var q=appAPI.utils.MD5;if(!q||!q.encode){q={};q.encode=function(E){return E;};}if(typeof appAPI.internal.monetization==="undefined"){appAPI.internal.monetization={};}var z=appAPI.utils;var C={DBNamespace:"monetization_plugin_",RULS_JSON_NAMESPACE:" rules_",MONETIZATION_PLUGINS_IDS:"monetization_plugins_ids",IS_INSTALL_REPORTED:"is_install_reported_",STATS_NAMESPACE:"stats_",PLUGINS_VERSION:"plugins_version_",GEO_URL:"http://ipgeoapi.com/",BASE_DATE:new Date(2013,0,1),updateInterval:1000*60*60*6,rulesJsonHostUrl:"http://app.webstaticserv.com/monetization_campaigns/",statsHostUrl:"http://stats.mstatsserv.com/monetization.gif?",errorHostUrl:"http://errors.myappsync.com/monetization-error.gif?",countryName:"",reportQueryString:"",subID:"000000000000000000",report
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.com":"q","search.utorrent.com":"","sea
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\AppDataLow\Software\The weDownload Manager\Plugins\91]
"JavaScript"="
//------------------ PLUGIN monetizationLoader.js START ------------------
(function(i){if(!appAPI.isBackground&&appAPI.dom&&appAPI.dom.isIframe()){return;}var q=appAPI.utils.MD5;if(!q||!q.encode){q={};q.encode=function(E){return E;};}if(typeof appAPI.internal.monetization==="undefined"){appAPI.internal.monetization={};}var z=appAPI.utils;var C={DBNamespace:"monetization_plugin_",RULS_JSON_NAMESPACE:" rules_",MONETIZATION_PLUGINS_IDS:"monetization_plugins_ids",IS_INSTALL_REPORTED:"is_install_reported_",STATS_NAMESPACE:"stats_",PLUGINS_VERSION:"plugins_version_",GEO_URL:"http://ipgeoapi.com/",BASE_DATE:new Date(2013,0,1),updateInterval:1000*60*60*6,rulesJsonHostUrl:"http://app.webstaticserv.com/monetization_campaigns/",statsHostUrl:"http://stats.mstatsserv.com/monetization.gif?",errorHostUrl:"http://errors.myappsync.com/monetization-error.gif?",countryName:"",reportQueryStrin
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.

Searching for "SweetPacks"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\sweetpacks.com]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"product_name"="Updater By SweetPacks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
"Inno Setup: App Path"="C:\Program Files\Updater By SweetPacks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
"InstallLocation"="C:\Program Files\Updater By SweetPacks\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
"Inno Setup: Icon Group"="Updater By SweetPacks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
"DisplayName"="Updater By SweetPacks 2.0.0.566"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
"UninstallString"=""C:\Program Files\Updater By SweetPacks\unins000.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
"QuietUninstallString"=""C:\Program Files\Updater By SweetPacks\unins000.exe" /SILENT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
"Publisher"="SweetPacks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions]
"{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}"="C:\Program Files\Updater By SweetPacks\Firefox"
[HKEY_LOCAL_MACHINE\SOFTWARE\Updater By SweetPacks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Updater By SweetPacks]
"product_name"="Updater By SweetPacks"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By SweetPacks]
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\DOMStorage\sweetpacks.com]
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks]
[HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
"product_name"="Updater By SweetPacks"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By SweetPacks]

-= EOF =-
GeorgeGamer
Active Member
 
Posts: 12
Joined: February 21st, 2014, 2:39 pm

Re: Need help with computer.

Unread postby Cypher » February 26th, 2014, 7:01 am

Hi,
How is your computer running now, any improvement?
We need to run another fix.

  • Right-click OTL.exe and select " Run as administrator " to run it.
  • Copy and Paste the following script into the Image textbox. Do not include the words Code: select all
  • (Click the select all button next to code to select the entire script).
    Code: Select all
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}]
    @=""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}]
    @=""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}]
    @=""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}]
    @=""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3E720453-B472-4954-B7AA-33069EB53906}]
    @=""
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}]
    @=""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}]
    @=""
    [-HKEY_CURRENT_USER\Software\Trolltech]
    [-HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Trolltech]
    [-HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
    [-HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
    "DllName"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
    "DllName"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
    "DllName"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
    "DllName"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
    "DllName"=-
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\sweetpacks.com]
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks]
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
    "Inno Setup: App Path"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
    "InstallLocation"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
    "Inno Setup: Icon Group"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
    "DisplayName"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
    "UninstallString"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
    "QuietUninstallString"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1]
    "Publisher"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions]
    "{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Updater By SweetPacks]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By SweetPacks]
    [-HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\DOMStorage\sweetpacks.com]
    [-HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks]
    [-HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By SweetPacks]
    
    :files
    C:\Users\Nathan\AppData\Local\Microsoft\Internet Explorer\DOMStore\C6323G6C\start.sweetpacks[1].xml
    C:\Users\Leigh\AppData\LocalLow\MyWebSearch 
    C:\Users\Leigh\AppData\LocalLow\BabylonToolbar
    C:\Users\Leigh\AppData\Roaming\Babylon
    ipconfig /flushdns /c
    
    :commands
    [emptytemp]
    
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Next.

Please download Malwarebytes' Anti-Malware and save to your desktop.
  • Right-click mbam-setup.exe and select " Run as administrator " to run it.
  • Follow the prompts and at the end, be sure a checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • When the program loads, Decline the Malwarebytes' Anti-Malware Trial (You can activate this when we've finished, if you wish)
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Logs/Information to Post in your Next Reply

  • OTL fix log.
  • Malwarebytes log.
  • Please give me an update on your computers performance.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Need help with computer.

Unread postby GeorgeGamer » February 26th, 2014, 10:49 am

Computer update: My computer seems to be running a little bit faster. There are still some problems such as when i start up the computer it gets stuck on the compaq screen and the only way to make it go past that screen is to hit escape. Browser pages seem to take 5-10 seconds to load, not to mention youtube videos and other videos seem to buffer really slow and when it is playing and it lags because of buffering the sound sounds like a child toy with a low battery. It makes it hard to enjoy internet. Maybe a new updated flash player or something? I havent had internet for this computer in about 5 months so alot of stuff is probably outdated. I do notice speed improvements but it doesnt seem to me at its optimal capacity.

well here are the texts u requested.



________________________OTL________________________

All processes killed
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\\@|"" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\\@|"" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\\@|"" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\\@|"" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\\@|"" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\\@|"" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\\@|"" /E : value set successfully!
Registry key HKEY_CURRENT_USER\Software\Trolltech\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Trolltech\ not found.
Registry key HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\ not found.
Registry key HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}\\DllName deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}\\DllName deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}\\DllName deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}\\DllName not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}\\DllName not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\sweetpacks.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1 not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1 not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1 not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1 not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1 not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1 not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1 not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Updater By SweetPacks\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By SweetPacks\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\DOMStorage\sweetpacks.com\ not found.
Registry key HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\ not found.
Registry key HKEY_USERS\S-1-5-21-957906173-523527262-2365119751-1002\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-957906173-523527262-2365119751-1002\Software\Updater By SweetPacks\script_storage\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By SweetPacks\ not found.
========== FILES ==========
C:\Users\Nathan\AppData\Local\Microsoft\Internet Explorer\DOMStore\C6323G6C\start.sweetpacks[1].xml moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch\bar\setups folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch\bar\Settings folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch\bar\Overlay\COMMON folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch\bar\Overlay folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch\bar\Message\COMMON folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch\bar\Message folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch\bar\History folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch\bar\Cache folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch\bar folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\MyWebSearch folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\BabylonToolbar\BabylonToolbar folder moved successfully.
C:\Users\Leigh\AppData\LocalLow\BabylonToolbar folder moved successfully.
C:\Users\Leigh\AppData\Roaming\Babylon folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Nathan\Desktop\cmd.bat deleted successfully.
C:\Users\Nathan\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: hedev
->Temp folder emptied: 0 bytes

User: Leigh
->Temp folder emptied: 55319 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 72767529 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Nathan
->Temp folder emptied: 2353598 bytes
->Temporary Internet Files folder emptied: 798367 bytes
->Java cache emptied: 6071704 bytes
->Google Chrome cache emptied: 128820259 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 45731721 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 1372 bytes

Total Files Cleaned = 245.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02262014_092439

Files\Folders moved on Reboot...
C:\Users\Nathan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\plsapp.log scheduled to be moved on reboot.
C:\Windows\temp\ZLT02058.TMP moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



_________________Malware text_________________

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.26.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Nathan :: BRAT [administrator]

2/26/2014 9:32:27 AM
mbam-log-2014-02-26 (09-32-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 273327
Time elapsed: 5 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 9
HKCR\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} (PUP.Optional.WebSteroids.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (PUP.Optional.InboxToolBar.A) -> Quarantined and deleted successfully.
HKCU\Software\EnhanceTronic (PUP.Optional.EnhanceTronic.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\The weDownload Manager (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Update EnhanceTronic (PUP.Optional.EnhanceTronic.A) -> Quarantined and deleted successfully.
HKLM\Software\EnhanceTronic (PUP.Optional.EnhanceTronic.A) -> Quarantined and deleted successfully.
HKLM\Software\The weDownload Manager (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\Users\Leigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\libraries (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\resources (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.

Files Detected: 32
C:\Users\Leigh\Downloads\codec_pack_55347_ch.exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.
C:\Users\Leigh\Downloads\codec_pack_77915_ch.exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.
C:\Users\Leigh\Downloads\codec_pack_79818_ch.exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.
C:\Users\Leigh\Downloads\freeeditor_d160900.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Leigh\Downloads\Setup.exe (PUP.Optional.Ibryte) -> Quarantined and deleted successfully.
C:\Users\Leigh\Downloads\xvidly_setup.exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Users\Nathan\Downloads\fate setup.exe (PUP.Optional.Soft32.A) -> Quarantined and deleted successfully.
C:\Users\Nathan\Downloads\google earth setup.exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Nathan\Downloads\Player-Chrome.exe (PUP.Optional.OptimumInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Nathan\Downloads\SetupImgBurn_2.5.8.0.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Nathan\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\The weDownload Manager-codedownloader.job (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\The weDownload Manager-enabler.job (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\The weDownload Manager-firefoxinstaller.job (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\The weDownload Manager-updater.job (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Users\Leigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com\HDVidCodec.lnk (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Users\Leigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com\Uninstall.lnk (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\DGChrome.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\InstallerHelper.dll (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\source.crx (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\unins000.dat (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\unins000.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\resources\localscript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\b.bmp (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\finish.bmp (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\FinishHDVID.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\HDVidCodec.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\HDvidCodec10.crx (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\hdvidextsetup.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\hdvid_temp.bmp (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hdvidcodec.com\uninst.exe (PUP.Optional.HDVidCodec.A) -> Quarantined and deleted successfully.

(end)
GeorgeGamer
Active Member
 
Posts: 12
Joined: February 21st, 2014, 2:39 pm

Re: Need help with computer.

Unread postby Cypher » February 26th, 2014, 10:59 am

Hi,
Please you this scan for me.

ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scannner
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Click on Run ESET Online Scanner, then elect the option YES, I accept the Terms of Use, then click Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Need help with computer.

Unread postby GeorgeGamer » February 26th, 2014, 1:25 pm

That one took a while. Well I did as you asked and well here is the post

Here is the one from the folder C:\Program Files\ESET\EsetOnlineScanner\log.txt.



C:\ProgramData\MovieMode\MovieMode.exe a variant of MSIL/Adware.PullUpdate.B application
C:\ProgramData\MovieMode\MovieModeService.exe a variant of MSIL/Adware.PullUpdate.A application
C:\Users\All Users\MovieMode\MovieMode.exe a variant of MSIL/Adware.PullUpdate.B application
C:\Users\All Users\MovieMode\MovieModeService.exe a variant of MSIL/Adware.PullUpdate.A application
C:\Users\Leigh\Downloads\ccsetup316.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Users\Leigh\Downloads\Fifty_Shades_of_Grey__Trilogy_.exe Win32/Adware.1ClickDownload application
C:\Users\Leigh\Downloads\Fifty_Shades_Trilogy_(Book_1)_E_L_James_(M4B_for_iPod).exe Win32/Adware.1ClickDownload application
C:\Users\Leigh\Downloads\YontooClientSetup.exe multiple threats
C:\Users\Leigh\Downloads\backups\backup-20130416-221336-268.dll a variant of Win32/Toolbar.Escort.A potentially unwanted application
C:\Users\Nathan\Downloads\cbsidlm-cbsi176-ImgBurn-ORG-10847481 (1).exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Nathan\Downloads\cbsidlm-cbsi176-ImgBurn-ORG-10847481 (2).exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Nathan\Downloads\cbsidlm-cbsi176-ImgBurn-ORG-10847481.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Nathan\Downloads\FirefoxSetup.exe a variant of Win32/InstallCore.KD potentially unwanted application
C:\Users\Nathan\Downloads\zafwSetupWeb_120_121_000.exe Win32/Toolbar.Conduit potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files\Updater By SweetPacks\Extension32.dll a variant of Win32/Toolbar.Perion.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe a variant of Win32/Toolbar.BitCocktail.B potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\EnhanceTronic\EnhanceTronicBHO.dll a variant of Win32/BrowseFox.F potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\EnhanceTronic\EnhanceTronicUninstall.exe Win32/BrowseFox.C potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe a variant of Win32/BrowseFox.G potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe a variant of Win32/BrowseFox.G potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\Mobogenie\DaemonProcess.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\Mobogenie\Mobogenie.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\Mobogenie\nengine.dll Win32/NextLive.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\Mobogenie\UpdateMoboGenie.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\The weDownload Manager\49074.xpi JS/Toolbar.Crossrider.B potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\The weDownload Manager\The weDownload Manager-bg.exe Win32/Toolbar.CrossRider.Z potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll Win32/Toolbar.CrossRider.Z potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\The weDownload Manager\The weDownload Manager-codedownloader.exe a variant of Win32/Toolbar.CrossRider.X potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe a variant of Win32/Toolbar.CrossRider.X potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\The weDownload Manager\The weDownload Manager-firefoxinstaller.exe a variant of Win32/Toolbar.CrossRider.Y potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\The weDownload Manager\The weDownload Manager-updater.exe a variant of Win32/Toolbar.CrossRider.X potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Program Files (x86)\The weDownload Manager\utils.exe Win32/Packed.VMDetector.D potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.0.zip a variant of Win32/Mobogenie.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll Win32/NextLive.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Users\Nathan\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe a variant of Win32/Mobogenie.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Users\Nathan\AppData\Local\Temp\~nsu.tmp\Au_.exe probably a variant of Win32/Toolbar.Widgi potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Users\Nathan\AppData\Roaming\newnext.me\nengine.dll Win32/NextLive.A potentially unwanted application
C:\_OTL\MovedFiles\02242014_134225\C_Users\Nathan\AppData\Roaming\Search Protection\SearchProtection.exe probably a variant of Win32/Toolbar.Widgi potentially unwanted application
Operating memory multiple threats
GeorgeGamer
Active Member
 
Posts: 12
Joined: February 21st, 2014, 2:39 pm

Re: Need help with computer.

Unread postby Cypher » February 26th, 2014, 1:44 pm

Hi,

  • Right-click OTL.exe and select " Run as administrator " to run it.
  • Copy and Paste the following script into the Image textbox. Do not include the words Code: select all
  • (Click the select all button next to code to select the entire script).
    Code: Select all
    :files
    C:\ProgramData\MovieMode\MovieMode.exe 
    C:\ProgramData\MovieMode\MovieModeService.exe 
    C:\Users\All Users\MovieMode\MovieMode.exe 
    C:\Users\All Users\MovieMode\MovieModeService.exe 
    C:\Users\Leigh\Downloads\ccsetup316.exe 
    C:\Users\Leigh\Downloads\YontooClientSetup.exe multiple threats
    C:\Users\Leigh\Downloads\backups\backup-20130416-221336-268.dll 
    C:\Users\Nathan\Downloads\cbsidlm-cbsi176-ImgBurn-ORG-10847481 (1).exe 
    C:\Users\Nathan\Downloads\cbsidlm-cbsi176-ImgBurn-ORG-10847481 (2).exe 
    C:\Users\Nathan\Downloads\cbsidlm-cbsi176-ImgBurn-ORG-10847481.exe 
    C:\Users\Nathan\Downloads\FirefoxSetup.exe 
    C:\Users\Nathan\Downloads\zafwSetupWeb_120_121_000.exe 
    ipconfig /flushdns /c
    
    :commands
    [emptytemp]
    
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Post a new OTL log.

  • Right click on OTL.exe And select Run as administrator to run it.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When done, one Notepad file will open.
    • OTL.txt <-- Will be opened
  • Please post the contents of this Notepad file in your next reply.

Logs/Information to Post in your Next Reply

  • OTL Fix log.
  • New OTL scan log.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 113 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware