Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

slow running computer

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

slow running computer

Unread postby c62ip64 » April 27th, 2014, 12:23 pm

My computer, including internet, is running slowly. I'm including the DDS logs.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16545 BrowserJavaVersion: 10.5.1
Run by Tom at 12:10:05 on 2014-04-27
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.864 [GMT -4:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/?pc=Z039&form=ZGAPHP
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&cli ... bd=5070523
uProxyOverride = <local>;*.local
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn5\yt.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Updater For Verizon Toolbar: {96673559-e653-4cdc-8923-f89347a952c0} - c:\program files\verizontb\auxi\verizonAu.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - c:\program files\webroot\wrdata\pkg\vistax86\wrflt.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
BHO: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn5\yt.dll
TB: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [YSearchProtection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [Google Update] "c:\users\tom\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [VolPanel] "c:\program files\creative\sbaudigy\volume panel\VolPanlu.exe" /r
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Garmin Lifetime Updater] c:\program files\garmin\lifetime updater\GarminLifetime.exe /StartMinimized
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [WRSVC] "c:\program files\webroot\WRSA.exe" -ul
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe
Trusted Zone: turbotax.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{837B7C71-5871-45E6-B5A6-A4CCD5A82203} : DHCPNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
mASetup: ccc-core-static - msiexec /fums {65E6362A-B878-4A7B-86DA-D16F8DBD75C7} /qb
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\tom\appdata\roaming\mozilla\firefox\profiles\odvrni0d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://entertainment.verizon.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z039&form=ZGAADF&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\geocomply\gc-browser-plugin-client-c\2.1.4.2\npgc-browser-plugin-client-c.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\tom\appdata\local\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_182.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2009-09-01 19:57; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2014-3-30 107256]
R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys [2012-4-1 118240]
R1 RapportCerberus_59849;RapportCerberus_59849;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_59849.sys [2013-10-31 340432]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2014-3-30 156024]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2014-3-30 228888]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-19 21504]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2011-12-12 350792]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2014-3-30 1444120]
R2 WRSVC;WRSVC;c:\program files\webroot\WRSA.exe [2012-7-10 766040]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-10 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\microsoft sql server\mssql10_50.mssqlserver\mssql\binn\fdlauncher.exe [2010-4-3 28512]
S3 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\msrs10_50.mssqlserver\reporting services\reportserver\bin\ReportingServicesService.exe [2011-4-24 1177952]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-4-3 44896]
S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [2010-4-3 240608]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2014-04-27 14:40:52 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d67e16d4-3a52-4b4c-a15e-c22f0b998bed}\offreg.dll
2014-04-27 14:37:57 -------- d-----w- c:\users\tom\appdata\local\{58AD6799-A049-40E1-8C9A-EFE5DA486C28}
2014-04-27 14:17:07 8050496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d67e16d4-3a52-4b4c-a15e-c22f0b998bed}\mpengine.dll
2014-04-22 22:46:28 -------- d-----w- c:\users\tom\appdata\local\{004DF6EF-1782-497F-83A4-7B9415F20D35}
2014-04-19 03:30:36 -------- d-----w- c:\windows\Migration
2014-04-19 03:09:59 -------- d-----w- c:\users\tom\appdata\local\{0952AEC8-2F9D-42A8-ADEF-E88A038C47B4}
2014-04-16 00:06:17 -------- d-----w- c:\users\tom\appdata\local\{A256382A-E660-4AD5-9527-09BCB80CDABB}
2014-04-03 21:53:30 -------- d-----w- c:\users\tom\appdata\local\{042815AB-49C6-48BF-880E-0FBF39982315}
2014-03-31 00:30:22 107256 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2014-03-29 20:27:02 -------- d-----w- c:\program files\iPod
2014-03-29 20:27:00 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-29 20:27:00 -------- d-----w- c:\program files\iTunes
2014-03-29 20:21:24 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-03-29 20:21:24 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-03-29 20:21:24 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-03-29 20:21:24 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-03-29 20:21:24 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-03-29 20:21:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-03-29 20:21:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-03-29 20:21:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-03-29 20:21:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-03-29 20:21:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
.
==================== Find3M ====================
.
2014-04-13 16:51:37 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-13 16:51:37 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-13 16:35:49 154248 ----a-w- c:\windows\system32\WRusr.dll
2014-04-13 16:35:49 118240 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2014-03-31 13:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-07 23:12:00 1806848 ----a-w- c:\windows\system32\jscript9.dll
2014-03-07 23:02:19 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-07 23:02:07 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-03-07 22:57:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-07 22:56:03 421376 ----a-w- c:\windows\system32\vbscript.dll
2014-03-07 22:52:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-02-07 10:38:44 2050560 ----a-w- c:\windows\system32\win32k.sys
2014-02-03 10:37:54 505344 ----a-w- c:\windows\system32\qedit.dll
2014-01-30 07:46:58 876032 ----a-w- c:\windows\system32\wer.dll
.
============= FINISH: 12:10:58.38 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 5/23/2007 11:22:45 AM
System Uptime: 4/27/2014 10:30:11 AM (2 hours ago)
.
Motherboard: Dell Inc. | | 0WG864
Processor: Intel(R) Core(TM)2 CPU 6420 @ 2.13GHz | Microprocessor | 2128/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 136.132 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.456 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1320: 3/21/2014 11:03:18 PM - Installed Rapport
RP1321: 3/21/2014 11:14:32 PM - Windows Update
RP1322: 3/28/2014 11:01:27 PM - Windows Update
RP1323: 3/29/2014 1:51:47 PM - Scheduled Checkpoint
RP1324: 4/1/2014 6:49:50 AM - Windows Update
RP1325: 4/1/2014 7:40:12 PM - Scheduled Checkpoint
RP1326: 4/6/2014 8:13:43 AM - Windows Update
RP1328: 4/10/2014 6:43:06 AM - Installed Rapport
RP1329: 4/12/2014 9:19:59 AM - Windows Update
RP1330: 4/12/2014 9:58:35 AM - Windows Update
RP1331: 4/15/2014 8:16:44 PM - Windows Update
RP1332: 4/18/2014 10:16:09 PM - Windows Update
RP1333: 4/18/2014 11:27:48 PM - Windows Update
RP1334: 4/20/2014 12:52:51 PM - Scheduled Checkpoint
RP1335: 4/22/2014 6:39:56 PM - Windows Update
RP1336: 4/27/2014 10:15:35 AM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 12 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader X (10.1.9)
Adobe Shockwave Player 11.6
AIM 7
Amazon MP3 Downloader 1.0.15
AnswerWorks 4.0 Runtime - English
AOL Install
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio 5.5
ATI - Software Uninstall Utility
ATI Catalyst Control Center
Audit Support Center 1.0
Bing Bar
Bonjour
BorgataPoker
Call of Duty Dawnville Demo
Canon MP Navigator 3.0
Canon MP600
Canon MP600 User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Localization Arabic
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Spanish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help English
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Polish
CCC Help Portuguese
CCC Help Spanish
CCC Help Thai
CCleaner
Citrix Presentation Server Client
ClubUwin
ClubWPT
Conexant D850 PCI V.92 Modem
Corel Paint Shop Pro Photo XI
Corel Snapfire Plus
Creative MediaSource 5
D3DX10
Dell Games
Dell System Customization Wizard
DellSupport
Digital Line Detect
Dolphin Futures XPS Viewer version 1.1.0
Download Manager v1.8.0.1
Download Updater (AOL LLC)
FileHippo.com Update Checker
Games, Music, & Photos Launcher
Garmin Lifetime Updater
GDR 1617 for SQL Server 2008 R2 (KB2494088)
GeoComply Browser Plugin-C
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hoyle Casino 2007
IHA_MessageCenter
Intel(R) Matrix Storage Manager
Internet Service Offers Launcher
iTunes
Java 7 Update 51
Java Auto Updater
Java(TM) 6 Update 21
JavaFX 2.1.1
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Media Player Codec Pack 3.9.6
Mesh Runtime
Messenger Companion
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft IntelliPoint 7.1
Microsoft IntelliType Pro 7.1
Microsoft Office 2003 Web Components
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 (x86)
Microsoft Sync Services for ADO.NET v2.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Works
Mozilla Firefox 27.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Plan3D
PokerStars
PokerStars.net
Product Documentation Launcher
QuickTime 7
Rapport
Recuva
Rhapsody
Rhapsody MP3 Download Manager
RPS CRT
ScanSoft OmniPage SE 4.0
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition
Segoe UI
SigmaTel Audio
Skins
Sonic Activation Module
Sound Blaster Audigy ADVANCED MB
SQL Server 2008 R2 BI Development Studio
SQL Server 2008 R2 Common Files
SQL Server 2008 R2 Database Engine Services
SQL Server 2008 R2 Database Engine Shared
SQL Server 2008 R2 Full text search
SQL Server 2008 R2 Management Studio
SQL Server 2008 R2 Reporting Services
Sql Server Customer Experience Improvement Program
swMSM
Trusteer Endpoint Protection
TurboTax Premier 2007
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
URL Assistant
User's Guides
Verizon FiOS Activation
Verizon Help and Support Tool
Verizon Toolbar
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 0.9.2
Vz In-Home Agent
Vz In Home Agent
Webroot SecureAnywhere
WildTangent Games App (Dell Games)
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
4/27/2014 10:04:48 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
4/27/2014 10:04:48 AM, Error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the file specified.
4/27/2014 10:04:48 AM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================

Thanks for your anticipated help,
Tom
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm
Advertisement
Register to Remove

Re: slow running computer

Unread postby pgmigg » April 28th, 2014, 10:09 am

Hello c62ip64,

Welcome to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: slow running computer

Unread postby pgmigg » April 28th, 2014, 11:50 pm

Hello c62ip64,

Step 1.
Create a System Restore Point
Because we are going to be making changes to your computer, it is advisable to create a new System Restore Point.
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection, then choose Create.
  4. In the System Restore dialog box, type a description for the restore point and then click Create again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK, then close the System Restore dialog.

If you have successfully created a System Restore Point, we can proceed.
If you have NOT successfully created a System Restore Point, do not go any further!
Please post back so we can determine why it was unsuccessful.


Step 2.
WARNING: Poker sites

BorgataPoker
Hoyle Casino 2007
PokerStars
PokerStars.net


Online Poker sites are well known for placing all manner of Internet parasites on their visitors' computers and continue to do so.
In a lot of cases, these Poker plugins are also getting installed without your asking for it.
This is how you can remove it/them if you decide to do so:

  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the words 'Code: Select all' into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    BorgataPoker
    Hoyle Casino 2007
    PokerStars
    PokerStars.net

    NOTE: Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the programs.
  4. When the program(s) have been uninstalled, please close Control Panel.
  5. Reboot you computer.

Step 3.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the words 'Code: Select all' into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Bing Bar
    Java 7 Update 51
    Java Auto Updater
    Java(TM) 6 Update 21
    JavaFX 2.1.1
    Verizon Toolbar
    Yahoo! Search Protection
    Yahoo! Software Update
    Yahoo! Toolbar
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot you computer.

Step 4.
TDSSKiller - Scan only
Please download the TDSSKiller.exe by Kaspersky and save it to your Desktop. <-Important!!!
  1. Right click on TDSSKiller.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If TDSSKiller does not run, please rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. zarodinu.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Please select Skip instead of Cure (default).
  5. Then click Continue, then Close and then Close again.
  6. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  7. Copy and paste the contents of that file in your next reply.

Step 5.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  3. Contents of a OTL.txt log file
  4. Contents of a Extras.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: slow running computer

Unread postby c62ip64 » April 29th, 2014, 11:24 am

System restore point was created

Programs were removed. I had to remove them trough the control panel. Start Search could not find appwiz.cpl.

Not sure what happened the first time I downloaded TDSSKiller. It seems I was redirected to another site, Webroot flagged what I downloaded as malware and removed it. I got to the correct site the second time I downloaded the program. There were no malicious found when I ran the scan.

The following is the OTL scan:

OTL logfile created on: 4/29/2014 10:57:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tom\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 51.93% Memory free
4.23 Gb Paging File | 2.77 Gb Available in Paging File | 65.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 138.09 Gb Free Space | 61.98% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.46 Gb Free Space | 54.56% Space Free | Partition Type: NTFS

Computer Name: FAMILY-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/29 10:36:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
PRC - [2014/04/14 00:00:58 | 002,484,504 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2014/04/14 00:00:58 | 001,444,120 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2014/04/13 12:35:10 | 000,766,040 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe
PRC - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/17 11:44:38 | 001,765,744 | ---- | M] (NDS Technologies) -- C:\Users\Tom\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2013/11/17 11:44:36 | 007,877,480 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2013/09/13 18:24:32 | 000,350,792 | ---- | M] (Verizon) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2011/10/03 09:14:06 | 001,409,384 | ---- | M] (Garmin) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2010/03/17 16:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/05/23 11:28:48 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2007/02/08 01:16:24 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/11/27 09:14:52 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/12 02:19:46 | 000,446,976 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2006/09/29 12:39:20 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/09/29 12:38:50 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (No Company Name) ==========

MOD - [2014/04/27 10:51:28 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll
MOD - [2014/04/27 10:51:19 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
MOD - [2014/04/27 10:50:59 | 000,530,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\d7a1bbd56dc15a29c2450b177f9468d7\System.Net.Http.ni.dll
MOD - [2014/04/27 10:50:52 | 002,997,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll
MOD - [2014/04/27 10:50:39 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
MOD - [2014/04/27 10:50:00 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/04/27 10:49:57 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/04/27 10:49:56 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014/04/22 18:56:52 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/04/22 18:56:33 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/04/22 18:56:27 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/04/22 18:56:13 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/04/22 18:56:11 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014/04/22 18:56:10 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014/04/22 18:56:09 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/04/22 18:56:06 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/04/22 18:55:54 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/04/22 18:55:50 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/04/22 18:55:41 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/04/22 18:55:39 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/04/22 18:55:32 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/04/22 18:55:30 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/04/22 18:55:04 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/03/23 17:04:20 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2014/02/13 16:27:36 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll
MOD - [2014/02/13 16:27:30 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\02c0c31b20715dbd4f0777bf47b4bf46\Accessibility.ni.dll
MOD - [2014/02/13 14:28:41 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll
MOD - [2014/02/13 14:28:19 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll
MOD - [2014/02/13 14:28:07 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll
MOD - [2014/02/13 14:25:47 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
MOD - [2014/02/13 14:24:56 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
MOD - [2014/02/06 01:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/06 01:52:32 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/03 14:21:51 | 001,125,592 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2013/11/17 11:45:22 | 000,091,976 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\z.dll
MOD - [2013/11/17 11:45:18 | 000,332,128 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2013/11/17 11:45:16 | 001,403,224 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2013/11/17 11:45:06 | 000,689,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2013/11/17 11:44:44 | 007,554,400 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2013/11/17 11:44:36 | 007,877,480 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2013/11/17 11:44:32 | 003,094,880 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2013/11/17 11:44:30 | 002,157,928 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\DiscoveryManager.dll
MOD - [2011/11/24 00:05:40 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2007/04/04 08:54:34 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2006/11/20 13:29:10 | 000,101,376 | ---- | M] () -- C:\Windows\System32\APOMngr.dll
MOD - [2006/11/13 10:07:34 | 000,066,560 | ---- | M] () -- C:\Windows\System32\CmdRtr.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - [2014/04/29 09:37:17 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/18 22:58:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/14 00:00:58 | 001,444,120 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2014/04/13 12:35:10 | 000,766,040 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)
SRV - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/13 18:24:32 | 000,350,792 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/07/29 14:10:46 | 003,201,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/23 11:28:48 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2006/11/07 13:27:02 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/09/29 12:38:50 | 000,081,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\npf.sys -- (NPF)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2014/04/29 10:49:35 | 000,118,240 | ---- | M] (Webroot) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lKYSdJnp.sys -- (lKYSdJnp)
DRV - [2014/04/14 00:01:06 | 000,228,888 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2014/04/14 00:01:06 | 000,156,024 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2014/04/14 00:01:06 | 000,107,256 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2014/04/13 12:35:49 | 000,118,240 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WRkrn.sys -- (WRkrn)
DRV - [2013/10/31 20:40:10 | 000,340,432 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys -- (RapportCerberus_59849)
DRV - [2011/12/06 19:38:23 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2010/04/03 12:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/11/05 16:35:25 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2008/11/19 14:22:36 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2008/01/19 00:25:05 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/04/04 08:54:32 | 002,313,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/02/08 01:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/10/18 14:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/17 15:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/06/24 17:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 10:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 10:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=5070523
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z039&form=ZGAPHP
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes,DefaultScope = {76E9350E-0392-9C19-F83A-99BC015260AF}
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes\{76E9350E-0392-9C19-F83A-99BC015260AF}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z039&form=ZGAIDF
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.comcast.net/news/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Tom\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tom\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tom\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\geocomply.com/gc_browser_plugin_client_c: C:\Program Files\GeoComply\gc-browser-plugin-client-c\2.1.4.2\npgc-browser-plugin-client-c.dll (GeoComply)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Tom\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webrootsecure@webroot.com: C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014/03/09 10:44:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/04/18 22:58:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/04/18 22:58:22 | 000,000,000 | ---D | M]

[2008/08/27 21:35:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Extensions
[2007/06/01 23:28:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\jvcjvj1p.default\extensions
[2014/04/29 10:12:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\odvrni0d.default\extensions
[2010/04/28 09:28:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\odvrni0d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014/04/18 22:17:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\odvrni0d.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/04/29 10:09:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/04/18 22:58:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/04/18 22:58:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/03/24 08:41:42 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www22.verizon.com/Foryourhome/My ... Login.aspx
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Verizon Servicepoint (Enabled) = C:\Program Files\Verizon\VSP\nprpspa.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Google Wallet = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2012/08/04 09:06:07 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..\Run: [PCShowServer] C:\Users\Tom\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{837B7C71-5871-45E6-B5A6-A4CCD5A82203}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O30 - LSA: Security Packages - (pku2u) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/09/21 15:29:16 | 000,021,628 | ---- | M] () - D:\auto_v2a_image[1].jpg -- [ NTFS ]
O33 - MountPoints2\{b2f3f85c-1051-11dc-aed0-0019d172d1fe}\Shell - "" = AutoRun
O33 - MountPoints2\{b2f3f85c-1051-11dc-aed0-0019d172d1fe}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/04/29 10:51:34 | 004,164,448 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2014/04/29 10:49:35 | 000,118,240 | ---- | C] (Webroot) -- C:\Windows\System32\drivers\lKYSdJnp.sys
[2014/04/29 10:36:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2014/04/29 08:15:45 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\{F74D871C-A920-4318-91A5-846A8C410BA5}
[2014/04/27 14:59:17 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\DIRECTV Player
[2014/04/27 10:37:57 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\{58AD6799-A049-40E1-8C9A-EFE5DA486C28}
[2014/04/22 18:46:28 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\{004DF6EF-1782-497F-83A4-7B9415F20D35}
[2014/04/18 23:30:36 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/04/18 23:09:59 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\{0952AEC8-2F9D-42A8-ADEF-E88A038C47B4}
[2014/04/18 22:58:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/04/15 20:06:17 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\{A256382A-E660-4AD5-9527-09BCB80CDABB}
[2014/04/14 00:01:06 | 000,107,256 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2014/04/12 10:06:52 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/04/12 10:06:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/04/12 10:06:49 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/04/12 10:06:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/04/12 10:06:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/04/12 10:06:47 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/04/12 10:06:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/04/12 10:06:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/04/03 17:53:30 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\{042815AB-49C6-48BF-880E-0FBF39982315}

========== Files - Modified Within 30 Days ==========

[2014/04/29 11:02:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{62A93A7C-B9D5-4553-A562-97492E6A1F25}.job
[2014/04/29 10:51:34 | 004,164,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2014/04/29 10:50:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/29 10:49:35 | 000,118,240 | ---- | M] (Webroot) -- C:\Windows\System32\drivers\lKYSdJnp.sys
[2014/04/29 10:37:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/29 10:36:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2014/04/29 10:31:37 | 000,003,952 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/29 10:31:37 | 000,003,952 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/29 10:14:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/29 10:07:06 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1571669636-96613985-1446841813-1000UA.job
[2014/04/29 09:37:16 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/04/29 09:37:16 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/04/29 08:32:40 | 000,722,164 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/04/29 08:32:40 | 000,148,886 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/04/29 08:11:51 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/18 22:11:14 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
[2014/04/14 00:01:06 | 000,107,256 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2014/04/13 12:47:57 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1571669636-96613985-1446841813-1000Core1cc02b7290d2d2b.job
[2014/04/13 12:35:49 | 000,154,248 | ---- | M] (Webroot) -- C:\Windows\System32\WRusr.dll
[2014/04/13 12:35:49 | 000,118,240 | ---- | M] (Webroot) -- C:\Windows\System32\drivers\WRkrn.sys
[2014/04/13 12:34:13 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2014/04/13 12:34:12 | 000,000,438 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2014/04/12 11:08:49 | 000,002,075 | ---- | M] () -- C:\Users\Tom\Desktop\Google Chrome.lnk
[2014/03/31 09:35:10 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

========== Files Created - No Company Name ==========

[2014/04/18 22:37:49 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2010/10/25 11:08:02 | 019,657,194 | ---- | C] () -- C:\ProgramData\vlc-1.1.4-win32.exe
[2010/02/15 16:32:51 | 000,000,040 | ---- | C] () -- C:\Users\Tom\dlmgr_.pro
[2009/12/03 15:26:36 | 000,000,680 | ---- | C] () -- C:\Users\Tom\AppData\Local\d3d9caps.dat
[2009/07/08 20:19:26 | 000,000,004 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\BF28D8
[2009/07/08 20:19:25 | 000,870,128 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\mcs.rma
[2007/06/10 13:39:45 | 000,000,000 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\wklnhst.dat
[2007/05/28 04:08:35 | 000,127,488 | ---- | C] () -- C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %SystemRoot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008/03/05 22:48:37 | 000,000,000 | ---D | M] -- C:\Users\Cathy\AppData\Roaming\acccore
[2011/10/20 17:01:32 | 000,000,000 | ---D | M] -- C:\Users\Cathy\AppData\Roaming\Garmin
[2011/04/14 06:37:00 | 000,000,000 | ---D | M] -- C:\Users\Cathy\AppData\Roaming\Trusteer
[2008/03/02 19:24:56 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\acccore
[2011/12/10 01:33:13 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Amazon
[2014/02/16 16:42:51 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Canon
[2014/02/22 00:38:47 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\cef-cache
[2011/10/16 18:09:45 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Garmin
[2007/08/05 19:58:00 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\GetRightToGo
[2010/02/18 15:37:07 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\IBM
[2007/06/07 18:48:02 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ICAClient
[2011/03/06 16:21:54 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\PCDr
[2011/10/29 12:12:05 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\RegistryKeys
[2009/07/13 18:55:34 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\SanDisk
[2009/12/23 16:32:10 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ScanSoft
[2011/10/29 12:12:05 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Speeding Up My PC
[2013/04/02 13:10:30 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\TechWizard
[2007/06/10 13:39:45 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Template
[2014/02/22 00:38:36 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\theBorgata
[2011/04/12 19:54:59 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Trusteer
[2011/12/17 00:36:48 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\WildTangent
[2010/10/21 11:21:41 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 959 bytes -> C:\ProgramData\TEMP:5575A4B0
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:63238B95

< End of report >
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm

Re: slow running computer

Unread postby c62ip64 » April 29th, 2014, 11:25 am

Here is the Extras log:

OTL Extras logfile created on: 4/29/2014 10:57:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tom\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 51.93% Memory free
4.23 Gb Paging File | 2.77 Gb Available in Paging File | 65.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 138.09 Gb Free Space | 61.98% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.46 Gb Free Space | 54.56% Space Free | Partition Type: NTFS

Computer Name: FAMILY-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-19\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-20\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntivirusOverride" = 0
"UacDisableNotify" = 0
"AntiSpywareDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{541AB2F4-7FE6-45B8-9A80-F65B073D0EB3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B3934286-6972-4742-9B2F-2C866AE04803}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DB8D02CB-4B01-41D3-A227-B1D639501223}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E7A7DAFA-C120-4B60-8F79-95C3E7E91E67}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{EC697544-AE10-490E-B146-388BDE16FB86}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F68B9E9D-FABF-4CF9-8C00-72D2ECA3B67C}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{049F2EB6-9AE6-49CB-8F23-7AB40D6953AF}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{086F4B17-C024-46DF-AC94-5BA494B59C5C}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{0E4E5D9D-F151-455E-80BB-5B5BFC9F9880}" = protocol=6 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{26EA7B21-0D51-4016-981A-68FF04FD7085}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{27DBD01D-1A43-403B-AEF2-E0E7FD5CFF37}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{34EA25EE-89A0-4230-980F-4F569C51C743}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{400A6069-8285-4065-AF92-5A8B9722927C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{4763DEEA-8DBE-4D0E-8575-BCA9AE8B038C}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{609C0F25-17A5-438A-BF97-5644D55D14B6}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{693F5C9C-C508-4A8F-8D33-1480DB44DF07}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{6B7EA470-17A1-4EB1-8FFD-29F2157EE630}" = protocol=6 | dir=in | app=c:\program files\turbotax\premier 2007\32bit\ttax.exe |
"{8609B317-3317-4E79-A301-2A2D02E59D91}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8F2F72CB-7F14-41D2-813B-FA03DB9713D5}" = protocol=17 | dir=in | app=c:\program files\turbotax\premier 2007\32bit\ttax.exe |
"{ABD3D5CB-C409-40E8-85EE-753AF87FA92F}" = protocol=17 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{AE06BA98-E342-468B-841D-C49678A395A6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C65D8148-2AD3-49CC-BEEE-958AAC23BCB1}" = protocol=6 | dir=in | app=c:\program files\turbotax\premier 2007\32bit\updatemgr.exe |
"{D8DB7B18-F2CB-4854-AEEB-82EC02AC674A}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{DBABB97A-C860-4963-B8E8-9E2012BE85C7}" = protocol=17 | dir=in | app=c:\program files\turbotax\premier 2007\32bit\updatemgr.exe |
"{DEE23214-204A-426D-A912-4BBE3D05285E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{EDDFF9A2-7729-432D-ABC0-AFA991EE39A2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F7A9A22B-DDDA-4485-9142-EAB42C246E58}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{C394C73E-4783-4DBF-8E9D-00F3DFA9824F}G:\techwizard.exe" = protocol=6 | dir=in | app=g:\techwizard.exe |
"TCP Query User{E375D6A2-BB87-4C67-A8B3-F5CA95380D12}C:\users\tom\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\tom\appdata\local\directv player\ndspcshowserver.exe |
"TCP Query User{ECE265A9-3141-4A7A-B791-137FBB709FAC}G:\techwizard.exe" = protocol=6 | dir=in | app=g:\techwizard.exe |
"UDP Query User{1241C715-81DF-4D61-82BB-9FB409BCD432}C:\users\tom\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\tom\appdata\local\directv player\ndspcshowserver.exe |
"UDP Query User{80491291-7A33-4155-B0AA-18E13732CC83}G:\techwizard.exe" = protocol=17 | dir=in | app=g:\techwizard.exe |
"UDP Query User{E8F98BEE-258C-421D-BDF6-035380FAC930}G:\techwizard.exe" = protocol=17 | dir=in | app=g:\techwizard.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{020617D7-2F72-4D02-BF59-A5CBC1761177}" = SQL Server 2008 R2 Management Studio
"{046755CA-F677-4B7F-AF9A-6AB295A02A30}" = Microsoft SQL Server 2008 R2 Native Client
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06A7EA72-0F00-4D53-A81C-A5D925711141}" = SQL Server 2008 R2 Full text search
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DE20748-45A5-6CD9-610E-F881A34E7342}" = Catalyst Control Center Localization Arabic
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600" = Canon MP600
"{11E94FDB-C895-45F1-B756-1C9B8C36C8F1}" = Microsoft IntelliType Pro 7.1
"{121475F5-2598-4574-8801-8F6B3D6A99BB}" = SQL Server 2008 R2 Management Studio
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{143203CB-9E09-4D9D-91F1-D000EC6E1F87}" = SQL Server 2008 R2 BI Development Studio
"{15CC10AB-4266-210D-E2D2-03089C25A028}" = CCC Help English
"{1603C7DC-358B-97AF-B451-B2DDAC734117}" = Catalyst Control Center Localization French
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{214030BC-490D-57D4-2547-D0D4ECC851A5}" = Catalyst Control Center Localization Japanese
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{23F70562-02F4-4805-ACF5-6E52BAD167C2}" = SQL Server 2008 R2 Reporting Services
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{258749E2-3A46-42B1-9A01-BF977AA06FAC}" = RPS CRT
"{2746B4DE-A2EE-4B33-A7CE-B33BAD5EF6FE}" = Vz In Home Agent
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B98E4C3-AABC-9594-3219-A6EB60006C2C}" = Catalyst Control Center Graphics Full Existing
"{2BF7DF19-F716-4986-AD4A-3AF6ACFEEE14}" = SQL Server 2008 R2 BI Development Studio
"{2C698DB8-0D99-5A27-DA3D-A3414FC5DBA7}" = Catalyst Control Center Graphics Light
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{31DBBB49-CAC2-984A-64CA-A88102056E10}" = CCC Help German
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{412FECA2-836F-3DF6-A302-924CEC5B4DE2}" = CCC Help Spanish
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4613D63D-52C3-4BC5-BB65-622A801997E2}" = Plan3D
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46ACAEB5-365A-74BB-D405-980EA4FE3545}" = CCC Help Japanese
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{49E98741-B7A4-4A44-A536-6AFCA23106FE}" = SQL Server 2008 R2 Reporting Services
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AAB7E8F-1C71-E364-458F-5A6797670157}" = Catalyst Control Center Graphics Full New
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}" = IHA_MessageCenter
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65E6362A-B878-4A7B-86DA-D16F8DBD75C7}" = ccc-core-static
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69EB5C18-1222-41F1-8C75-69B5F55F4321}" = Garmin Lifetime Updater
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6DD45BD7-DB28-E59F-8239-CF6816AE1FA4}" = Skins
"{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}" = Microsoft IntelliPoint 7.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75480068-162F-4D6B-B38E-76606A4E5320}_is1" = Dolphin Futures XPS Viewer version 1.1.0
"{76866BE3-B2C7-40BB-B267-927792AED0C3}" = Microsoft SQL Server 2008 R2 Setup (English)
"{76C73966-AED3-5ACB-B438-B47E9B1FB2E3}" = CCC Help Chinese Standard
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{794F49F0-2A44-EE74-62FE-22FD68953A25}" = ccc-utility
"{7ADE3A47-B425-45E9-8FF6-11BE2B775645}" = Corel Snapfire Plus
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{7CD5F286-FF0A-E638-8143-0E258E3C17E2}" = CCC Help Thai
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98698CC8-F4C4-A0A7-F521-8547DDD1BB6B}" = Catalyst Control Center Localization Chinese Standard
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a1bb9be6-729f-4049-a36a-aad335c86c01}" = DIRECTV Player
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A3D44AD8-D3C9-45E4-B861-3B653C6EF620}" = Rhapsody MP3 Download Manager
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}" = Citrix Presentation Server Client
"{B38BD46F-7280-49C7-8AC0-099F96B01EFD}" = GeoComply Browser Plugin-C
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services
"{B651AD20-D522-2D6F-3AC7-A5F625FCB283}" = Catalyst Control Center Core Implementation
"{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}" = Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{BFFD3331-0B0B-4703-947B-264C4315DEFB}_is1" = Download Manager v1.8.0.1
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C3E2D64C-1B8E-D142-A76F-DEAC02AFF4FA}" = CCC Help Polish
"{C5145CD4-4F74-C986-F86B-F57F3995C59B}" = Catalyst Control Center Localization Arabic
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C89B00A2-B72A-4935-96FC-38796E9554EC}" = Microsoft Sync Services for ADO.NET v2.0 (x86)
"{C8D524C0-FBD2-C4F0-2446-912EABA681E0}" = CCC Help Portuguese
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CCF7F09E-A1C5-7D81-437D-B2DC347CC52E}" = Catalyst Control Center Localization Spanish
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEEE47BB-4AB7-9AEB-2212-ECC6D05DDC74}" = Catalyst Control Center Localization Italian
"{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}" = Microsoft SQL Server 2008 R2 Policies
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D71B45B0-70B5-12BA-4ACF-2CEC94FE8A06}" = CCC Help Korean
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7744050-4D6F-1280-5331-2EA048B51E94}" = Catalyst Control Center Localization Arabic
"{ECA80341-4BFB-172D-EC5D-64FD8DD41F5A}" = Catalyst Control Center Localization German
"{ECBEB9C6-CC47-70F7-E939-1E20E3BEEC8F}" = Catalyst Control Center Localization Korean
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4FA8AC4-6B6A-CAA6-8E44-FC64227CC4F7}" = CCC Help Italian
"{F6412237-45F7-B34B-0803-4D77E2D39D0C}" = Catalyst Control Center Localization Chinese Traditional
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"{FD01FEBF-376F-F125-09F8-E94B04D21E77}" = CCC Help French
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF001690-A829-9DFD-9EF6-DA285783C49C}" = CCC Help Chinese Traditional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIM_7" = AIM 7
"All ATI Software" = ATI - Software Uninstall Utility
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.15
"Audit Support Center" = Audit Support Center 1.0
"Call of Duty Dawnville Demo" = Call of Duty Dawnville Demo
"Canon MP600 User Registration" = Canon MP600 User Registration
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"ClubUwin" = ClubUwin
"ClubWPT" = ClubWPT
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Digital Editions" = Adobe Digital Editions
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"FileHippo.com" = FileHippo.com Update Checker
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 3.0" = Canon MP Navigator 3.0
"NVIDIA Drivers" = NVIDIA Drivers
"Rapport_msi" = Trusteer Endpoint Protection
"Recuva" = Recuva
"Rhapsody" = Rhapsody
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"TurboTax Premier 2007" = TurboTax Premier 2007
"Verizon FiOS Activation_is1" = Verizon FiOS Activation
"Verizon Help and Support" = Verizon Help and Support Tool
"VLC media player" = VLC media player 0.9.2
"VzInHomeAgent" = Vz In-Home Agent
"WildTangent dell Master Uninstall" = Dell Games
"WinLiveSuite" = Windows Live Essentials
"WRUNINST" = Webroot SecureAnywhere
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/18/2014 11:34:49 PM | Computer Name = Family-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 4/20/2014 1:01:27 PM | Computer Name = Family-PC | Source = EventSystem | ID = 4621
Description =

Error - 4/27/2014 10:37:35 AM | Computer Name = Family-PC | Source = ESENT | ID = 484
Description = wlmail (1868) WindowsLiveMail0: An attempt to remove the folder "C:\Users\Tom\AppData\Local\Microsoft\Windows
Live Mail\Backup\old" failed with system error 145 (0x00000091): "The directory
is not empty. ". The remove folder operation will fail with error -1022 (0xfffffc02).

Error - 4/27/2014 10:37:35 AM | Computer Name = Family-PC | Source = ESENT | ID = 215
Description = wlmail (1868) WindowsLiveMail0: The backup has been stopped because
it was halted by the client or the connection with the client failed.

Error - 4/27/2014 12:25:07 PM | Computer Name = Family-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/27/2014 12:25:07 PM | Computer Name = Family-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1061

Error - 4/27/2014 12:25:07 PM | Computer Name = Family-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1061

Error - 4/27/2014 3:15:00 PM | Computer Name = Family-PC | Source = EventSystem | ID = 4621
Description =

Error - 4/29/2014 8:09:31 AM | Computer Name = Family-PC | Source = VSS | ID = 8194
Description =

Error - 4/29/2014 8:15:13 AM | Computer Name = Family-PC | Source = ESENT | ID = 484
Description = wlmail (4356) WindowsLiveMail0: An attempt to remove the folder "C:\Users\Tom\AppData\Local\Microsoft\Windows
Live Mail\Backup\old" failed with system error 145 (0x00000091): "The directory
is not empty. ". The remove folder operation will fail with error -1022 (0xfffffc02).

Error - 4/29/2014 8:15:13 AM | Computer Name = Family-PC | Source = ESENT | ID = 215
Description = wlmail (4356) WindowsLiveMail0: The backup has been stopped because
it was halted by the client or the connection with the client failed.

[ Media Center Events ]
Error - 6/9/2009 6:44:50 PM | Computer Name = Family-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/16/2010 9:32:17 PM | Computer Name = Family-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/1/2010 9:32:35 PM | Computer Name = Family-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 11/3/2008 7:25:40 PM | Computer Name = Family-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/16/2011 7:12:54 PM | Computer Name = Family-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4/22/2014 6:38:27 PM | Computer Name = Family-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 4/27/2014 10:04:48 AM | Computer Name = Family-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/27/2014 10:04:48 AM | Computer Name = Family-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/27/2014 10:04:48 AM | Computer Name = Family-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 4/27/2014 1:53:22 PM | Computer Name = Family-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 4/29/2014 8:09:42 AM | Computer Name = Family-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/29/2014 8:09:42 AM | Computer Name = Family-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/29/2014 8:09:42 AM | Computer Name = Family-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 4/29/2014 8:16:18 AM | Computer Name = Family-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 4/29/2014 8:16:44 AM | Computer Name = Family-PC | Source = DCOM | ID = 10010
Description =


< End of report >
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm

Re: slow running computer

Unread postby pgmigg » April 30th, 2014, 10:54 am

Hello c62ip64,

Good job! :D Sorry for delay. Let continue...

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :OTL
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q= {searchTerms}&FORM=IE8SRC
    IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q= {searchTerms}&src=IE-SearchBox&Form=IE8SRC
    IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q= {searchTerms}&src=IE-SearchBox&Form=IE8SRC
    IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z039&form=ZGAPHP 
    IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=WLETDF& ... LEM&q= {searchTerms}&src=IE-SearchBox
    IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes\{76E9350E-0392-9C19-F83A-99BC015260AF}: "URL" = http://www.bing.com/search?q= {searchTerms}&pc=Z039&form=ZGAIDF
    IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p= {searchTerms}&fr=chr-tyc8
    [2014/04/18 22:17:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\odvrni0d.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
    [2011/03/24 08:41:42 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
    CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O4 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
    O7 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
    O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
    [2014/02/22 00:38:47 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\cef-cache
    [2011/10/29 12:12:05 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Speeding Up My PC
    [2014/02/22 00:38:36 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\theBorgata
    
    :Files
    @C:\ProgramData\TEMP:5575A4B0
    @C:\ProgramData\TEMP:63238B95
    ipconfig /flushdns /c
    
    :Commands
    [emptytemp]
    [emptyflash]
    [emptyjava]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
Image Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Right click on JRT.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 3.
AdwCleaner
Please download AdwCleaner by Xplode onto your desktop.
  1. Close all open programs and internet browsers.
  2. Right click on adwcleaner.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  3. Click on Scan. When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Clean button.
  5. A log file C:\AdwCleaner[Sn].txt will automatically open. ([Sn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Sn].txt log file in your next reply.

Step 4.
SystemLook
Please download SystemLook.exe by jpshortstuff and save it to your Desktop.
Alternate download site.
  1. Right click on SystemLook.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries: into SystemLook's main text entry window.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :filefind
    *AskToolbar*
    *Ask.com*
    *Bandoo*
    *Babylon*
    *borgata*
    *Cheat*
    *Conduit*
    *Coupons*
    *Enigma*
    *searchab*
    *Fun4IM*
    *Funmoods*
    *Hoyle*
    *iLivid*
    *IObit*
    *Iminent*
    *Poker*
    *Realms*
    *Searchqu*
    *Searchnu*
    *Slick*
    *smartbar*
    *Somoto*
    *Sweet*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :folderfind
    *AskToolbar*
    *Ask.com*
    *Babylon*
    *Bandoo*
    *borgata*
    *Cheat*
    *Conduit*
    *Coupons*
    *Enigma*
    *searchab*
    *smartbar*
    *Fun4IM*
    *Funmoods*
    *Hoyle*
    *iLivid*
    *IObit*
    *Iminent*
    *Poker*
    *Realms*
    *Searchqu*
    *Searchnu*
    *Slick*
    *smartbar*
    *Somoto*
    *Sweet*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :Regfind
    AskToolbar
    Ask.com
    Babylon
    Bandoo
    borgata
    Cheat
    Conduit
    Coupons
    Enigma
    searchab
    Fun4IM
    Funmoods
    Hoyle
    iLivid
    IObit
    Iminent
    Poker
    Realms
    Searchqu
    Searchnu
    Slick
    smartbar
    Somoto
    Sweetpack
    Tarma
    trolltech
    Vafmusic2
    vshare
    whitesmoke
    Yontoo
    
  3. Press the Look button to start the scan. The scan will take a while so please be patient...
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the JRT.txt log file
  4. Contents of the AdwCleaner[Sn].txt log file
  5. Contents of the SystemLook.txt log file
  6. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: slow running computer

Unread postby c62ip64 » May 3rd, 2014, 10:06 am

I had a problem running the OTL script. I received a message that 'OTL has stopped working'. There was no log file created. Here is the JRT log file. I'll send the others in separate posts.

Thanks again for your help,
Tom

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Tom on Fri 05/02/2014 at 23:55:14.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnu.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.facemoodshlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.facemoodshlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\viewpoint manager



~~~ Files

Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npdnu.dll"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npdnu.xpt"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npdnupdater2.xpt"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\viewpoint"
Successfully deleted: [Folder] "C:\Users\Tom\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Tom\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Program Files\Common Files\software update utility"
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{00010F58-CE5E-4F79-9E9F-37AD1C6BFC8A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0001DE8B-4B89-43D3-A970-34D186ECF1C2}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{004DF6EF-1782-497F-83A4-7B9415F20D35}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{00C1CCD5-35F8-44B7-BFE2-DFF0DD63073A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{00FD3D1D-DDA6-4E00-8917-BB01A157AEEA}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{01A4AD83-E94C-43DE-B3D1-F3B8742AA343}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{01D47153-753D-4E32-975D-EFDD94ACEA94}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{02C452FB-2ADF-4806-AEFE-DCA47A910399}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{02D90B42-0597-47DD-BF8C-4E3353F00A37}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{02E4F0E6-E283-4193-B3FF-0E5E23DBBE45}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{02F506FA-E28E-4F94-A7DF-E288A1364B51}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{042815AB-49C6-48BF-880E-0FBF39982315}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0559552E-D69C-4894-9E08-2702C427F639}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0652FE7E-95DC-4099-9D6D-3C04980AFC02}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{066D124B-7443-4620-9EE1-6DE1EB8E05E4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{072E533B-E2F4-4528-86A5-A296E495165C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0759B2A5-AF7B-4C99-9FB7-3C874C347A12}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{07DC34B7-CD20-4240-8EA3-A5756EA24E0B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{08015D64-F5EC-42C4-9756-78E01CCF92D4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0816A7F1-300C-4F0A-BA6E-22FBB665568E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{08A6E36F-D7FD-4438-B7DF-F516F1854F6E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{08D94BE9-6B34-4FC9-9BFB-99E98CEB0E4F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0952AEC8-2F9D-42A8-ADEF-E88A038C47B4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0A97F289-C45E-47AD-91E0-48754F261868}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0C1179E3-67EE-492A-ACDE-F827E4CF3F3D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0C226CE4-0600-4FE6-94AA-B5A963CEE81A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0C63D39B-6446-4382-8425-0FBD8CBE8284}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0D20C900-92ED-4178-8952-D30F2F1884FE}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0D24F2BE-21E4-407E-ABCF-3C88FA1D02D0}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0D30BBF7-D7C0-48A7-9DA8-89D5AF80F195}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0D7B84D0-5F4D-4FB5-98A4-3DE5A3BFB75C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0E6FA9B7-878B-48B9-BA54-24335536F07A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0F3701E6-E253-40D1-9C4F-0C5A35905DA0}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0FA43951-D21E-4EBB-B4A0-3D0699FC5EF5}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0FC6611C-E733-4C35-B7FC-D76C9114DAD4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{0FDDF6B5-BF58-40BD-AEA8-606E8571ECF9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{100E9C3C-718C-4E00-9B88-78B8A0CF119A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{110F2F62-6E84-45C6-8E4E-6DC428CCEF7F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{128E7365-76C2-4713-B25E-E3DDC2FD7828}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{12B6A0B1-CB34-4D47-80DF-DB4B67775E32}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{137A3DDB-800D-4ACC-B74D-6E37FCCF566B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1547B1CD-A60C-41DA-8398-E51A8E0DD691}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{15CF7029-3D0C-4BD1-AE8F-0858C181B069}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{173C1D84-8B3F-4E0D-A438-614B5B8EC71C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{17E9C260-CF09-4545-A2A8-3CDF78BE1035}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{181BC4B9-DD20-4BEA-9282-CA102D3E9017}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{189F1E0F-3C43-4BB0-8FC6-F7AF5AFBA996}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{18B43C8C-4A0B-4D01-9E9E-84C2B0330945}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1A8162EC-AD23-40E9-901E-E992AB1F6417}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1B3EB4CA-E792-4536-9C4C-77AF82F93689}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1B5CCEE9-2469-4055-ADAC-675422A1A910}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1B5E47BB-99EE-4D28-BDE1-4E6994DF8BCB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1C16063B-504D-456E-9574-8D7AF30E6E5D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1C16F432-35B4-446B-89E9-2B6A5ABFD6D4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1C4622D3-ABEF-4606-A967-A24C18EC1BA5}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1CBC386C-CD9F-42AC-87C5-E8B6384F5E8D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1D718ECC-B6E3-4D2A-9D54-B2450CDFB4D0}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{1EA19E6C-BF31-47D7-9CF4-184365E1C250}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{22A9ABBB-D67E-4F0C-A57D-1D50DE1BCEC7}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{2486DEE3-B9A8-41DE-88F6-59602150466F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{24AA80E4-F92F-486F-B69A-1826E9E1EDBE}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{2539392E-D9C9-499D-A316-368BD292770B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{26E9CDC9-3105-4A62-8500-4A027F949AD5}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{27CB1BB2-8FA8-4AED-BA45-710B4F695471}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{2A72D0AA-2798-4195-B294-711F21240CFF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{2BCCA931-705B-4A9D-A47D-CB323FEBCF31}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{2D6A1855-50B3-43EC-B4A1-805695181BDF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{2D9B83A9-8AA3-4AEA-81D5-A8D6B41E30D9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{2EEF0B8D-66E7-43F1-8243-20DD8D0EBD7E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{2F6A2342-7FDE-4BD6-830B-F1119327103A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{2FFFBCC3-A6F7-49EE-8E8B-658EE0254FFE}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3007ADB2-EA83-41D2-9D17-1ACBA40506A5}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3160E212-BD40-4B29-8659-3E4C5B0ECC9A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{333DF0D8-5C3D-40B4-B9BB-2BA502F36F17}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{33A83451-6FA4-49EF-89A4-5FB0C7D1779C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{346F5371-486A-4ACB-8C02-A8DCFEBE973B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{35144288-B74E-4AC4-84A3-1C191C1A416B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3615606D-9124-49A9-A74D-9E942084BDB4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{36F51AD1-345B-4B6C-AE09-959B63AA2A8E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{37189528-FF9D-40B8-846C-265F86D44073}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3772E904-6935-43D1-A169-FB7ED3604068}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3793DC1D-D9A7-4007-8D1C-B027F709C8C6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{389C48A2-B33D-40CF-B15D-6C371C8A7049}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{38B86926-37B1-49E5-A0C4-59376B72C385}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3910871B-A21B-4B47-B407-0D3D176D520C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{39182505-F709-4CF2-8E3F-EE08E1B6FA86}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{39D61675-7BDE-4BC3-B5F5-2807A5C8818F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3A6D5376-DEAE-4F69-B821-C2905C6D81FF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3A946D59-F108-45DD-9EA8-4E420C5DC590}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3AFBC3A2-B1E8-47AE-A20D-DBDC68B5BEBC}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3BACC7D1-3B3D-4674-9DA8-6ED74F279C95}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3C497CC5-B4ED-4BA2-B4A4-EAF01EE2D4A1}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3CCE0131-3993-4E51-905E-58CB4048DF07}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3D478760-55F8-4DF3-9B2D-BA0EBBDAB94F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{3E094596-513E-4F32-8CCA-85ED9F275F1B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{403FA00B-C803-469F-ADF9-C5B1C0034874}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{40A7BB62-0204-4C93-9453-C81E1B4FAA83}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4141B01F-8FDF-48A4-A4A5-D0473906AD2F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{414B512C-E4B7-410A-ACEF-715E33FA5FE5}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{41B75321-1DD3-44E9-8548-DCF86F955E29}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{41DA5046-AA53-4438-A318-590984359CF6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{42EA4ADB-95FB-4BE3-B3EE-3353C9BDC314}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{430F3AEA-9B11-4CEF-8448-FACA266DD80E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{43730DE9-B1C8-4FDB-AB5F-5A879DEF9F77}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4598D33A-033A-463D-8A0D-4E06FB5795DA}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{45D8790E-BEEF-4105-A69A-6234E2629D2D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{45F0BFDC-3051-443A-80B2-B84AA50B70ED}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{46557EF2-CF23-4A75-987B-630CC08153C9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{47A80DFF-3AD7-46A7-BD16-6B9DC3365470}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{47ECB4A1-A490-4226-B1D0-A7B842FB4494}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{481D0305-CD84-4A60-A786-900EBB44591D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{49319858-A4F7-4FAA-B44C-9B46E04AA749}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4938FDD2-D1BA-424E-AB13-182E4F0C0460}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4AB3E075-A7CE-4D42-81D4-4782EBA7A070}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4ACFE68A-5CBD-4094-9996-363D1BF4502E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4B3CBBD5-44E2-4D12-9B8C-0F3ACE41B31E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4D80898D-B050-4673-A0D0-D67C779C1EB7}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4E251B93-C331-49B5-90E2-C12821928932}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4F51145D-0485-4A90-97B2-262EF45B9093}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{4F8B3494-019B-40C1-AC6D-887911DE3903}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{507B7822-7D49-4D94-B8E8-7AE6FF425F59}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{5104F5B6-9B37-4B63-9615-383AE95AB6EF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{51853F09-ABF0-446B-981E-E4026FC59563}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{5256289C-C453-49CD-A5CF-AB6E24F3E832}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{52FCA2C4-D550-4404-AAAA-089AAB47D78B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{541E935E-C9D5-4589-BDEB-6952DDEEB0AE}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{542FAC97-8472-4EC9-8D66-31107FAF827E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{54B0DB53-C3AF-4CC3-B479-9F5403EAC14C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{54C0493C-A528-4404-888F-F1E3AFCFAA29}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{55EA8C47-6C90-4691-91F9-E6E4D1FEDDBA}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{56BC8EFF-0912-4F95-9792-2DD20F09A3E0}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{57CE5648-435E-4CF4-A6FD-A69C00B22129}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{584168DE-DB4C-4C9A-962E-7ACE8675F25F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{584B297C-97F6-493A-82D9-AF30921D6BFF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{58AD6799-A049-40E1-8C9A-EFE5DA486C28}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{5DFC2C44-E50A-4483-812A-94A7E0CC48C8}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6018518B-99F0-4AEC-9351-06250390910E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6223790E-2A82-4A5E-9592-724FCDEE3C56}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{623C4A50-14ED-4B40-ABC0-825FEEE9ED2C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6268A492-EEE6-4EC4-92B4-32FC166AAD2E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6367B582-82E8-4692-8039-CF733B1FF804}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{639EC6CE-890A-4A5F-BE97-AA8C411F051C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6445D33D-F2C0-40F9-AC5F-A94006D19AB0}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{65A6E124-02BB-40B2-B4CD-001478CDFFBD}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{66223DE0-E74B-4122-9A3A-EC8BAC3CDC23}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{66989F0E-51AF-420C-9162-377AB9758B55}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{66D2BA08-95F4-4600-A116-AC60B79BFE78}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{68568865-6450-412D-B02E-94C590BF8B2C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{68B19D73-26F5-4DA9-A84E-1EE987DD71E1}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{68E8EE59-A4A4-436F-8FC1-D32BCC903458}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{69A9ABE2-C13F-49C9-AD03-37777262A2A2}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{69ED978F-ABA7-4472-AC2C-8A719F578E8F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6A449642-B4EA-40A8-90E1-D370556EF453}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6AC3DA76-9C1F-451E-8183-833811B64439}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6CCFF461-6E4C-43A0-9770-48909FED1534}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6D36538A-6F3D-4A18-9725-DF151273FE59}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6E37FEC5-6BC6-4E35-8FA6-41D74A316933}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{6FC3072F-C221-4B88-AA21-67EE7A133667}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{703053B2-9887-4E34-8411-395E6FD86F76}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{707AF299-3F3E-4691-93BD-9DF2F9535C6D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{710E2130-BAB4-4078-AAC6-F7630C1CB2E9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7245B9B2-4EB1-40AF-919E-9E01DCE93596}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{72E1B033-1E3C-4846-ADE6-A024468E3FE9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{73CA0304-3A5A-4DA8-86D7-A93A029C61C9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{742098C9-077D-46B5-84BA-728787DFC47B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{746DA0A4-0BD3-4BA4-92D2-C82FC8F1DC8D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{75162A5A-7007-4594-AA12-18E40129930C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{756FA558-E6B8-42A7-B940-5DD0DFEE9844}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{75818DF9-3417-4A23-878E-12409DDD89ED}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{76DBBD1C-012B-4C77-B72C-D08FAAC79689}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{774636DC-9092-43D2-A7AF-B90207B3A0CC}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{77C3DF52-56ED-41AA-9B96-0D71EE28ED1C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{77F0EA93-F274-4A0C-A9DE-AADB4DF65BD1}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{78B5736C-8238-4584-8FAD-3D1354098765}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{78C54647-169F-499F-B405-FEB12C0F491E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{79408E07-5069-4CDA-877C-FFC34A7FA96E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{79D515EB-8C6A-43AE-AB4B-D6855397D6A9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7AA9078A-D183-4C1E-8053-0A2E18788FC4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7AB6948C-669F-45B2-9FF8-8CDBB8A674EB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7AE2E7ED-DDEE-4D6A-BCB2-427C1F8E1DD9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7B18F31A-52B9-42F9-9982-1E7D092A452E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7B4F6FC1-3191-4F9B-9144-5D1EEBC835F1}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7C57B21D-147F-4C6A-9286-201142A3F91B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7E5ABA88-0A94-4424-9186-9822A8DDAF63}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7EE7C671-6E64-44C9-99A9-BF0B4C35F871}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7EF46C3C-47A6-4393-B08C-4FFD231EB4BA}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{7F0DAE15-122F-4CF2-BB79-BF878C2F3BA4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{80A2CBF0-C12A-491C-8503-4A0F91A98F24}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{80F5CC0D-3DD1-44C2-B83B-12CE14F9AD4F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{81207397-13D9-4E63-AECC-776ED48946FB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{82897D5E-159F-4D3F-9066-468B7D25C899}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{830AAC15-3ADC-4FFF-ADE3-33263F267147}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8383B3E5-1033-456D-AAAE-D42EAFB269D6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{845E61A7-E740-4337-9FFF-D9257E726057}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{850FC2DB-7BFC-4D30-93D8-F728537EE927}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{854DC6BD-8AF1-4EE9-BDC0-AF6DAD7D279C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{85C26224-9FF5-4463-859F-D24C2580B3E6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{85EC3029-14E0-40BE-AD3F-DE11D981AD9C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{86524BB3-4AC5-47D0-9033-054F8540B5BD}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{869C8B37-846C-433E-9ABD-B1710383CA0E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8762A867-E07B-4EF0-9302-1DBB779560F5}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{87F66053-62D4-4055-B4E7-D8CCC6107EA0}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{88A0EC23-BB1B-42D6-848E-DFF497A9E3DA}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{89244CD7-D597-4A47-AE3E-77C1D808786D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8928D717-BE18-467E-B350-0DB366903572}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8950E0F8-0FF4-4C66-B4EB-0858ED4A3F0B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{89941F81-B1B7-4883-B8A8-655862EB455E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{899448FF-1F96-429C-A699-F9E473DB4ADB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{89E173E8-0917-4D45-AC85-D51873D981E7}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8A2A54F9-0C6D-48BD-9CCA-B978F1CA1526}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8A38EAB8-7AC1-4A7C-B886-771024C9CE60}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8B9EEFA9-D4AA-408B-AE76-6BB502139383}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8BA20BD7-C842-4018-A21D-3341F19128C3}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8C8C5061-8717-4FC3-A5E9-9D51742E1CA7}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8CBA9132-5FEA-4412-B9AA-4DA169BF9FEF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8D5EDCAC-D5D1-40FF-99EA-7A2F35F51C12}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8DF1298E-C6D8-44F0-823F-055C88286CFC}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8F188FDE-ED4C-42F5-AF88-289FA0CB95CB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8F9545FE-7BBF-4C84-9605-9A16B71914E1}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{8FC1C01F-C3FE-484D-83A8-EF369A59251C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{924F783A-9F6E-415F-B533-F2D2194E5BBF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9559547B-C6AB-45E0-9167-13A8802ED82E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{95864462-57F9-443F-A972-AC5733F4F153}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{968C0EA3-C171-4721-A086-AD7B75F762D5}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{96CD36DF-7E23-4753-9240-CBD2BB0B6717}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{96D83A99-91AA-4881-9ED4-111006600859}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{96DF48C0-72DA-4A82-AB10-C5B158B96B6F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{973F7B72-9DD7-437A-9377-8C5A8AF12DC3}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{97C57AF5-2DE7-4910-91DA-8C5857AF293D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{97ED83FA-369C-4191-9F9D-3757F2B8D7AC}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{99B2244F-04F3-4013-8173-7006A4884693}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9B0B7554-F5BA-4AF0-9918-50CE7BE7C357}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9B65D538-9E28-4686-842E-E9947031825A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9BFE85FE-3CDC-4B5B-AE5F-4B09D6F08BF3}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9C49190D-7205-47B4-9435-FF9D599D26EB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9C92E5B5-E7D5-44FF-99D1-C1F7C5D47C82}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9C9D9194-37D6-4D46-BA48-F6DE9E40BBC7}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9CBF4F40-7B38-4518-811D-39F8F227B3B3}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9CD512FF-3F0B-4605-A92A-28DEB651432C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9CFB22E6-AABB-425C-B897-5DB7CA8AE94D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9D2BA883-1537-403F-B059-CE1BE7319772}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9D531CDB-63F9-4147-8FE7-82CD8C358B63}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9DCCEEC8-C4AE-4BD9-A3A5-713B350D506C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9EA1F3D6-97E7-40A3-A6C4-3A39685D0564}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{9EF2F23A-7917-423C-BB32-4253636F0510}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A05B6858-8ACD-42C7-A6EF-CCD4FE8C794A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A13110CA-7B0F-40F0-82EB-5ECD4A6DE86F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A256382A-E660-4AD5-9527-09BCB80CDABB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A36A1F52-64C8-4823-82B6-FAD6FB00475D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A3CCD319-DCFA-4542-A81E-7E7979B60F5E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A414A870-6098-4976-B543-CC0D8251F2B8}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A47FFBB0-1F4F-4812-82C9-88BDDE609EE7}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A4CC2496-9EEB-45E0-9A80-160D6242A7A6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A55595C3-BCDE-478C-B8F2-921F1EC4FBC2}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A6675328-B69C-4CB8-A809-2DD9F355F3F6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A6FF3B11-7D67-4CCD-8FA3-46566DD1DF8D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A7172247-97C0-489D-953A-B2DEE66AD422}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A7291243-3710-41A2-A687-9B4C53C9187C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A7BFB2A2-8D91-4CA8-B80F-8AABCE7E189D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A7C956E7-32E1-4FAE-96B9-A4E16FFB1DEF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A8D44489-E4F8-4E52-AB4D-69C2AD9A179E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A93BC9F0-B3E7-420C-B14E-628B96E782CF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{A9DEFE3A-B0B1-419E-B95B-E4188C5016B1}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AB033669-D853-45C2-A55A-E3E411CD8D02}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AB53781C-3E7A-4078-BB6F-35788F5C4D19}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AC6DE238-CDFD-433D-86D5-F0E9A79D8F98}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AD07B2A5-A3E3-4411-9BE8-137A1445E99E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AD4BE71C-E8A3-4531-943C-AB7D7108B305}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{ADAE86AF-7EE4-435C-9363-032BE10D98F1}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AE16EC9E-D0DC-434C-B311-97E6E73BDD83}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AEA904A6-33DD-425C-BD4C-2768E5048B98}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AEE08E77-2968-4D11-BA4B-E43972696FA9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AEE6AFD5-642C-453D-AF0B-EC15B267FE32}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AF6D13E9-D444-476D-B106-CCDDE5FC7ECB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{AFED9540-8709-4877-8D6E-2A0059E49325}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B0251BE3-954D-4F5E-AAB0-9828EC05B7C1}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B0DE9AB3-C13B-4433-BF42-3AC067CB0BA4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B1765EC0-8BE4-4BCE-B743-810E67083155}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B1AD66C0-CE7F-4DE5-A089-7E757E3AC411}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B31FB079-C371-423A-ACF8-7C4E04FF8105}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B3F1B962-4A43-4840-8EAC-657E153678FF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B487F3A0-5D2C-4349-92B6-04F56B3289F3}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B55B1B39-F059-445D-99FE-298BBE82C423}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B613381F-7075-41F8-8FAB-3A8BFD0FA286}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B6184E86-A08A-409F-B697-55E0C00C40FC}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B62F4FBB-3227-4F62-A599-B6E0A390C269}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B6B8B532-A6B7-41F1-93C9-A3C3E2400530}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B6D36522-C188-4FE0-89B2-B3AD95EA6D6D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B71B9E5D-93BE-40D4-AE5F-5DD3EE38CF85}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B7920F1B-74AD-40CC-93BD-BBFF53843AE6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B7D044F4-CBA0-4BB1-862F-955CD4F361F1}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B801379F-59BB-4051-86DB-4169FC009717}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B956ED31-317A-429F-ADE8-DB2A679C4D75}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B9D7E457-C999-4F43-A299-D6EC99C2E75A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{B9ECF709-F67F-4D86-A36E-2F163D1B7C94}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{BA05D16E-A789-4452-B974-37163DB06C79}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{BAA3A884-F302-4C6A-9887-6042679875B3}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{BC2B717B-921C-415F-8FF2-FE8D29025C26}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{BC765DFB-F616-424E-80C7-7C9E0C58F70B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{BC7FE022-27EE-4341-803C-CCFDF170CC0E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{BE77B13A-D7B3-4242-A7A2-766083DB72C2}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{BF5DFEB2-DE74-422B-A697-674CBCB751DC}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{BFC923F7-2A45-413A-91D5-7B0FDABCA978}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C15B5F1B-9C4B-4C39-8046-BEBC82F069A7}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C1B85F29-7AA1-4E4E-8851-C2BA69D3E3EB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C1CFB2E9-A487-48C3-A333-6DA02A202F60}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C2915820-3936-4378-B8C4-F559D7794176}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C3066914-1203-4FD1-A152-8DA641E1537F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C30BF98A-1A24-4E74-8860-5E82B9F8440E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C369C0E2-031A-4D73-A875-C928B718E61B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C3A8A8E7-D8E6-437D-9AEE-C54603429C90}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C41523E9-F601-4AE5-856B-56518DE2016B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C440C590-0727-4E1B-9195-EFEADE7C09F0}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C4CC9CEE-82F9-453E-93E4-1314BF2F271C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C5D00E55-6E2F-493F-9C97-9C7AA39A1169}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C696ED5F-E909-4B11-93F9-642922272C29}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C69B6D92-C568-404A-82D9-4A77209B2D60}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C6F5BDAE-792A-48E6-87F7-7BCAE631607B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C76A2FCF-8300-41E9-959F-087A2399DE6F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C795E98B-267B-4800-AEB0-06E84D97DE24}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C8569396-2B6C-4DBF-9977-8A37394C3AE4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C873A63B-84FC-4EEC-9BA4-C96D1AF3EABB}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C96F0138-3470-45C8-9A1F-A83BD245EFB6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{C9B4CF3F-4D29-4979-8694-B6FF0D04B458}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CA46AC4B-71D7-49AD-ADD4-5D4A1845BD8D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CB01B8C1-2D0F-45E6-BCCD-C8FEB6FA36E6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CB7059A9-D0B6-4EDB-9895-3560EB0EBA33}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CB7659D3-81C9-478B-B44F-C72B9CBA9132}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CBA51B0E-B3C5-444F-9E5C-F3C5D0ED9F69}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CDF2AF3A-9967-42EB-8555-320F0D233653}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CE1DA8D4-E4A8-4587-8073-6567B6072A16}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CEF7BC98-ABC6-4D36-9698-C16E7F0FC912}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CF4F0FED-4DB6-4F94-B5AA-E1EE31994A7D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CF7D6C2A-AB3E-466D-A61F-789ED64E428D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CF9D1890-0D30-4B4F-86CC-89AF8F7D686E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CF9DB304-9114-45A2-AB0A-C65CF7C541E8}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{CFF44504-50BD-43C3-B1B1-C51A63931DE6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D058F494-D106-4517-BF76-86D61CA33C4C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D154DAA6-22BA-4155-AE63-B482A065A4BA}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D15C6C61-C677-44C7-8513-D33E6B7D59F0}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D1B92D80-128C-44F4-A99E-4439ACB838E4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D2D5D4F3-4462-4BFE-94E7-1E0F8B362DBD}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D333D571-CDA2-444D-876C-E32879260D4D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D440B205-4E97-4B11-BF35-E2E148D33050}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D512B72C-1B37-417B-9E13-C869085C7C1D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D567C228-A6CB-4BFF-906F-E750EA51D0CE}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D5B12EA7-AD46-4506-AB4C-E4ECC22A4DB8}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D640A07D-8215-4119-B2AB-4819BDE586C5}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D72C1667-AAAD-459C-BA06-EB984BDA8552}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D73ADBFC-7D44-4AD7-8DBF-206D1ABB60B4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D7BA015F-9CD5-4FCB-99C7-397EA956355B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D82D98D1-2E37-4029-9BF4-97C343E8F769}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{D8D18927-FE4D-47EB-9C1D-56A8869CDF44}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DA68E5D8-8688-4E0B-8554-DB0F8A4059B4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DB3125D5-DD44-409C-BB27-8B1C59F7EE4F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DB4D3DB5-36D9-4C9C-A66B-BCDF316C6D17}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DBA16B72-5E6D-4030-9683-0A3FDADB6204}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DBF79C14-503E-443D-BC60-5B22DBCF5579}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DC179F70-3DBA-4A02-871C-38DA7B3237FF}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DDB9917D-D4FC-4D52-B624-175B2C0ABFC4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DE05F91D-3F7A-494A-92C5-19BC4E0C72B7}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DE0FB36B-C39A-426E-A5E4-9B95DB93CCFD}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DF01108D-3F6E-4CB1-A139-CC8E00F14D91}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DF14227B-8DF9-43DA-B9A7-60594FB5D5CC}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DFCBFA24-A4B6-49EB-8B16-98BE7C80ED1F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{DFE22AAF-9106-407C-BF12-E5CC2B31A8E2}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E04213E7-DF6A-4DA4-90B1-FE8A7F03A9A2}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E0CE3D9E-4DFA-484F-A5F5-512ACF9783C8}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E1B49392-6E72-4749-9E79-11C723258D9D}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E30630D2-336E-4965-8691-9393250CB7F9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E315B72F-FCD6-406C-942C-C8428BD57E62}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E32E7B08-FDD1-4E6E-99F9-F7DCF051791C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E4DFB9BD-D242-40E3-B1E9-A4ED055B7743}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E5025132-A164-4ACD-84D8-2B5EF6BF5990}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E52DF804-E47C-4A94-B60E-DEE7195E272E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E52E06FE-C519-4BD6-9094-52B87161E7E8}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E5724344-3517-4BC7-8D51-16B6FEC4603E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E5778B7E-43F7-4FE1-9E93-5C13D6EE0C42}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E592D7BD-E352-4AFA-959A-C40E3331DFD0}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E61CC3A8-0B4D-4680-AE43-4E34B5B7BC96}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E77929B7-20B3-4BC0-ABB3-939C40B87DF3}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E7CF86FB-32C6-4F0B-A8F9-A9A5C777B9EA}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E8B4890D-33BA-4BAA-967D-72EF6EE86652}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{E8B5D57F-F0A9-46FF-A83C-6291031E4611}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{EAEA6ACA-0B0A-4354-AD83-1654645649F4}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{EAF3EA26-4C70-44D4-9DDB-D571A820C2E9}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{EC0CFA03-32CB-474F-A344-B780BFF4229B}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{EE905120-C256-4FE5-932D-64700548D15C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{EF22146D-10BB-4154-917C-84D766B706A6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{EF7B939A-F1FE-4E15-B181-60994828571E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{EF982A24-5851-4413-8EEC-2733B7E074CC}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{EFAE5C1A-B0DA-48D1-88FB-05F96FAE2565}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F0223203-86CC-49D9-97E8-28482399899C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F0356E23-96A7-4E33-AC70-0A48A862D2C2}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F04925D0-CF5E-47CD-9331-47299CB42198}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F1825464-8FF2-4DC3-8332-F5D4A6E67DF7}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F294B081-F7A9-4367-8055-DB6E5660739A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F2C58E9B-7505-4CD5-B593-53077B1A9647}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F2DC7F65-C25C-4197-9EA9-105DF3A9D13F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F3AAB474-25CB-40D5-9D2C-9A3B8E290AF3}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F3F02CCA-D2F0-418F-8F40-A25CF3DF5A91}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F43990D4-8102-470B-94BA-428F852CDB0E}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F56E5B7F-14EE-412A-8AC6-47573762D784}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F59D4611-AA9F-446B-B4D5-8DD7152D98AD}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F7113759-AE4E-4D51-8B6D-93598EA1A33A}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F7333E5C-1ADF-4F85-8F45-F87994FB35A6}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F74D871C-A920-4318-91A5-846A8C410BA5}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F754668B-A004-4E80-8C24-9E199A087959}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F845E68A-6EB6-44CD-AA4A-86ACC4BC0692}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{F8AA55C3-CAE3-46C5-9BEA-D149009F1529}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{FB78B330-0331-48A3-B954-A9D5E8504A07}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{FBDFDF1D-B94C-4B2A-ABC3-1ABF1B338038}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{FC375E45-35F8-483D-B8AE-D3EF20D73E8C}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{FCA2131E-17FD-460E-B8C2-6848579AB9BA}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{FCFFF7E8-BC5F-4F48-B69A-73DC3CC64BBD}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{FD2216A5-99ED-4D59-981E-3DB2A26C3A0F}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{FE152AB7-03C4-4ACE-AE65-786066FD4433}
Successfully deleted: [Empty Folder] C:\Users\Tom\appdata\local\{FF118DA3-CE59-45C3-887C-8A4DF6263345}



~~~ FireFox

Successfully deleted: [File] C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\odvrni0d.default\user.js
Successfully deleted: [File] C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\odvrni0d.default\searchplugins\bing-zugo.xml
Successfully deleted the following from C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\odvrni0d.default\prefs.js

user_pref("extensions.facemoods.aflt", "_#gppc");
user_pref("extensions.facemoods.firstRun", false);
user_pref("extensions.facemoods.lastActv", "10");
user_pref("extensions.searchtoolbar@zugo.com.install-event-fired", true);
user_pref("oldKeyword", "hxxp://search.aol.com/aolcom/search?query=");
user_pref("verizon.toolbar.buttons_label", ",,Web Search,,,,,,,,,,,,,,,");
user_pref("verizon.toolbar.search.label", "Web Search");
Emptied folder: C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\odvrni0d.default\minidumps [103 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/03/2014 at 0:02:58.95
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm

Re: slow running computer

Unread postby c62ip64 » May 3rd, 2014, 10:08 am

# AdwCleaner v3.205 - Report created 03/05/2014 at 00:07:31
# Updated 28/04/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Tom - FAMILY-PC
# Running from : C:\Users\Tom\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Cathy\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Cathy\AppData\LocalLow\verizontb

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\jedr8jnv.default\prefs.js ]


[ File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\jvcjvj1p.default\prefs.js ]


[ File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\odvrni0d.default\prefs.js ]

Line Deleted : user_pref("aol_toolbar.strbundle.msg", "AOL Toolbar");

-\\ Google Chrome v

[ File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://start.facemoods.com/?a=gppc&f=4&q={searchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [3699 octets] - [03/05/2014 00:05:35]
AdwCleaner[S0].txt - [3682 octets] - [03/05/2014 00:07:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3742 octets] ##########
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm

Re: slow running computer

Unread postby c62ip64 » May 3rd, 2014, 10:08 am

SystemLook 30.07.11 by jpshortstuff
Log created at 00:14 on 03/05/2014 by Tom
Administrator - Elevation successful

========== filefind ==========

Searching for "*AskToolbar*"
No files found.

Searching for "*Ask.com*"
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage --a---- 5120 bytes [22:17 18/03/2014] [22:17 18/03/2014] 89AB1AC4855A6A3456176FCF726B9F0B
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage-journal --a---- 3608 bytes [22:17 18/03/2014] [22:17 18/03/2014] AF32E409A4B5A9EB54D9BDEB09686947

Searching for "*Bandoo*"
No files found.

Searching for "*Babylon*"
No files found.

Searching for "*borgata*"
C:\Users\Tom\Downloads\BorgataPokerSetup.exe --a---- 769936 bytes [04:35 22/02/2014] [04:35 22/02/2014] CC140D61BFFB6867BFFFD4449D817E86
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\cef-cache\theBorgata\BorgataPoker\Local Storage\https_account.borgatapoker.com_0.localstorage --a---- 3072 bytes [04:39 22/02/2014] [05:01 22/02/2014] D58462CBA3BAF344DEFC075D4EE2EE8F
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\cef-cache\theBorgata\BorgataPoker\Local Storage\https_pokerapps.borgatapoker.com_0.localstorage --a---- 3072 bytes [05:09 22/02/2014] [05:09 22/02/2014] F4256E8DBEFBEB15EDE8C8F34AFF418B

Searching for "*Cheat*"
C:\Users\Tom\Music\SonicTap\For The Record- The First 10 Years\Now I Lay Me Down To Cheat.mp3 --a---- 6613064 bytes [03:32 24/09/2011] [03:32 24/09/2011] 6373F755B1CD9A91F8EBB16E4906B388

Searching for "*Conduit*"
C:\Program Files\Common Files\Apple\Mobile Device Support\iSyncConduit.dll --a---- 1322368 bytes [20:50 12/02/2014] [20:50 12/02/2014] 5A2B082A760722E08042E3892D07690E

Searching for "*Coupons*"
No files found.

Searching for "*Enigma*"
No files found.

Searching for "*searchab*"
No files found.

Searching for "*Fun4IM*"
No files found.

Searching for "*Funmoods*"
No files found.

Searching for "*Hoyle*"
C:\Users\Tom\Documents\HoyleCasino.xlsx --a---- 10281 bytes [15:28 09/03/2008] [00:50 01/04/2009] C8CE5B9760CE0C68EFE7E12D94A5DD6D

Searching for "*iLivid*"
No files found.

Searching for "*IObit*"
No files found.

Searching for "*Iminent*"
No files found.

Searching for "*Poker*"
C:\PokerStars.log.0 --a---- 84062 bytes [04:00 27/10/2007] [04:32 27/10/2007] A0C2A323769FE1664798473AC79169FA
C:\Program Files\PokerStars\PokerStarsOnlineUpdate.exe --a---- 656728 bytes [03:15 13/07/2008] [23:16 20/10/2009] 0C701110E86E619A94BF63902EA5FA39
C:\Program Files\PokerStars\PokerStarsUpdate.log.0 --a---- 4941 bytes [16:58 16/06/2007] [02:14 09/08/2008] 17F7065DFA349EF17943178793FD45C4
C:\Program Files\PokerStars\PokerStarsUpdate.log.1 --a---- 2189 bytes [16:58 16/06/2007] [03:19 28/07/2008] 8D6C4FDCCC7D3A40772BD0ED07349F6E
C:\Program Files\PokerStars\backup\PokerStars.exe --a---- 6493016 bytes [16:07 15/05/2011] [23:57 03/06/2011] 95FC56624DABE8DEE154914DF6D26D42
C:\Program Files\PokerStars\backup\PokerStars.ini --a---- 1442 bytes [23:16 12/06/2011] [16:07 15/05/2011] 01E72780B396AA64125D664BDC4F3591
C:\Program Files\PokerStars.NET\PokerStarsBr.exe --a---- 210240 bytes [02:51 10/08/2013] [02:42 15/03/2014] BB830510C551B790781FA45B9ECA753E
C:\Users\Cathy\AppData\Local\PokerStars\PokerStars.log.0 --a---- 19739 bytes [00:30 20/08/2009] [03:39 26/02/2011] 372E58AC334F65CAFCFBA683EC15552C
C:\Users\Cathy\AppData\Local\PokerStars\PokerStars.log.1 --a---- 201207 bytes [00:30 20/08/2009] [04:53 15/11/2009] C5003E1B01A1B4B8C4720505D1304753
C:\Users\Cathy\AppData\Local\PokerStars\PokerStarsUpdate.log.0 --a---- 2649 bytes [00:29 20/08/2009] [03:34 26/02/2011] EBDB55F1ABE632E21ABAF73A5DAB63B1
C:\Users\Cathy\AppData\Local\PokerStars\PokerStarsUpdate.log.1 --a---- 2436 bytes [00:29 20/08/2009] [03:53 15/11/2009] EA65962174927828C0EEA6B94553AF29
C:\Users\Cathy\AppData\Local\PokerStars\PokerStarsUpdateE.log.0 --a---- 13480 bytes [03:34 26/02/2011] [03:35 26/02/2011] 14CCEB62BDD301D6BD442B6CE70B68B8
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XHKGZUF\btn-pokerplaynow[1].jpg --a---- 4150 bytes [15:22 09/03/2014] [15:22 09/03/2014] 2E91543B83E3E068DB1F77D09996AD81
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XHKGZUF\hdr-poker[1].htm --a---- 380 bytes [18:56 22/02/2014] [18:56 22/02/2014] C1FF385448327C0CC480A30647453BC2
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XHKGZUF\learn_more_poker[1].jpg --a---- 3445 bytes [00:12 16/04/2014] [00:12 16/04/2014] B57C9E40D99A7E9DBAFAE52BFEE8F015
C:\Users\Tom\AppData\Local\PokerStars\PokerStars.log.0 --a---- 182069 bytes [16:58 16/06/2007] [00:01 13/06/2011] 2350C3D655527E861E7B07AA6DFA3C24
C:\Users\Tom\AppData\Local\PokerStars\PokerStars.log.1 --a---- 19871 bytes [16:58 16/06/2007] [00:00 04/06/2011] 66E267657AF372C039203A210EF04930
C:\Users\Tom\AppData\Local\PokerStars\PokerStarsOnlineUpdate.log.0 --a---- 10350 bytes [02:05 18/10/2008] [02:06 18/10/2008] 4B04711D8431ADEEED09CF350027F4F4
C:\Users\Tom\AppData\Local\PokerStars\PokerStarsUpdate.log.0 --a---- 2467 bytes [02:14 09/08/2008] [20:01 18/02/2012] EC79FEAE8C03B936B0087117A7B1435C
C:\Users\Tom\AppData\Local\PokerStars\PokerStarsUpdate.log.1 --a---- 807 bytes [02:14 09/08/2008] [18:15 23/12/2011] 55159C4AE9C15AF1ADD95E77E036F016
C:\Users\Tom\AppData\Local\PokerStars\PokerStarsUpdateE.log.0 --a---- 21474 bytes [02:32 16/08/2008] [23:16 12/06/2011] CAF6A5F2BA6325CD4FF839F06E9FC6D0
C:\Users\Tom\AppData\Local\PokerStars\PokerStarsUpdateE.log.1 --a---- 4125 bytes [02:32 16/08/2008] [23:57 03/06/2011] C25FFDFEA0DF9CDF16E5D213D443D97B
C:\Users\Tom\Downloads\BorgataPokerSetup.exe --a---- 769936 bytes [04:35 22/02/2014] [04:35 22/02/2014] CC140D61BFFB6867BFFFD4449D817E86
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\cef-cache\theBorgata\BorgataPoker\Local Storage\https_account.borgatapoker.com_0.localstorage --a---- 3072 bytes [04:39 22/02/2014] [05:01 22/02/2014] D58462CBA3BAF344DEFC075D4EE2EE8F
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\cef-cache\theBorgata\BorgataPoker\Local Storage\https_pokerapps.borgatapoker.com_0.localstorage --a---- 3072 bytes [05:09 22/02/2014] [05:09 22/02/2014] F4256E8DBEFBEB15EDE8C8F34AFF418B

Searching for "*Realms*"
No files found.

Searching for "*Searchqu*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*Slick*"
C:\Program Files\PokerStars\Themes\preview\slick-chair.jpg --a---- 34478 bytes [01:26 11/12/2008] [03:28 01/05/2010] 569C1F4373F05C482243B65E0FB8299C
C:\Program Files\PokerStars\Themes\preview\slick.jpg --a---- 32467 bytes [01:26 11/12/2008] [03:28 01/05/2010] 180CE3486C7C5BFC2DF8B6890B297319
C:\Program Files\PokerStars\Themes\preview\slickdark-chair.jpg --a---- 30282 bytes [03:29 01/05/2010] [03:28 01/05/2010] 44F27D072479E849FC8E36B464E2141D
C:\Program Files\PokerStars\Themes\preview\slickdark.jpg --a---- 34068 bytes [03:29 01/05/2010] [03:28 01/05/2010] 978CF070A0EC105EE3D464A5A11983A4

Searching for "*smartbar*"
No files found.

Searching for "*Somoto*"
No files found.

Searching for "*Sweet*"
C:\Program Files\Dell Games\Chuzzle Deluxe\sounds\Speaks\SweetRelief.ogg --a---- 11914 bytes [23:27 04/04/2005] [23:27 04/04/2005] E4DAB1B8F38D80EC6CE59C90D727BA73
C:\Users\Public\Documents\recipes\2013_12_26\SWEET POTATO GRATIN.pdf --a---- 998537 bytes [19:00 29/12/2013] [16:57 26/12/2013] 8C5EF19AA0072E583680F426E6563A0F
C:\Users\Tom\Pictures\MP Navigator\2013_12_26\SWEET POTATO GRATIN.pdf --a---- 998537 bytes [16:57 26/12/2013] [16:57 26/12/2013] 8C5EF19AA0072E583680F426E6563A0F

Searching for "*Tarma*"
No files found.

Searching for "*trolltech*"
No files found.

Searching for "*Vafmusic2*"
No files found.

Searching for "*vshare*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*Yontoo*"
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_ Normal.PspScript --a---- 962 bytes [15:00 04/08/2006] [15:00 04/08/2006] 36B916F691CB1C4740EEA97672DC91DE
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_Chisel tip fine.PspScript --a---- 957 bytes [15:00 04/08/2006] [15:00 04/08/2006] 8A88404102953646D865ABD0F92AD02F
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_Chisel tip large.PspScript --a---- 959 bytes [15:00 04/08/2006] [15:00 04/08/2006] FD9A86CCE40BE5E934EF592D9214C5D3
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_Chisel tip medium.PspScript --a---- 958 bytes [15:00 04/08/2006] [15:00 04/08/2006] 958D564CF803A32CD4E18AB4FB1C1A16
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_Round tip fine.PspScript --a---- 961 bytes [15:00 04/08/2006] [15:00 04/08/2006] E23C47D8954FA44319F17A5D2CE67FF7
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_Round tip large.PspScript --a---- 963 bytes [15:00 04/08/2006] [15:00 04/08/2006] 7326E91B70B65C91DE6ACF741D5C7BDE
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_Round tip medium.PspScript --a---- 962 bytes [15:00 04/08/2006] [15:00 04/08/2006] 36B916F691CB1C4740EEA97672DC91DE
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_Square tip fine.PspScript --a---- 960 bytes [15:00 04/08/2006] [15:00 04/08/2006] F9D7DFE9ECBF1CC9240DDAB0EF3015B9
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_Square tip large.PspScript --a---- 963 bytes [15:00 04/08/2006] [15:00 04/08/2006] 0E6DEBF631486FC065065F96CEB02DD8
C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Presets\Preset_CrayonTool_Square tip medium.PspScript --a---- 961 bytes [15:00 04/08/2006] [15:00 04/08/2006] 3DA93D89A737C4A05C0F3E270B643B03

========== folderfind ==========

Searching for "*AskToolbar*"
No folders found.

Searching for "*Ask.com*"
No folders found.

Searching for "*Babylon*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*borgata*"
C:\Programs\theBorgata d------ [04:36 22/02/2014]
C:\Programs\theBorgata\BorgataPoker d------ [04:37 22/02/2014]
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com d------ [04:36 22/02/2014]
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\macromedia.com\support\flashplayer\sys\#poker.theborgata.com d------ [04:36 22/02/2014]
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\theBorgata d------ [04:38 22/02/2014]
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\cef-cache\theBorgata d------ [04:38 22/02/2014]
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\cef-cache\theBorgata\BorgataPoker d------ [04:38 22/02/2014]
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\theBorgata\BorgataPoker d------ [04:38 22/02/2014]

Searching for "*Cheat*"
C:\Users\Tom\.eclipse\ibm.data.studio_7.5.0_2143028601\configuration\org.eclipse.osgi\bundles\696\1\.cp\cheatsheets d------ [19:37 18/02/2010]
C:\Users\Tom\.eclipse\ibm.data.studio_7.5.0_2143028601\configuration\org.eclipse.osgi\bundles\799\1\.cp\cheatsheets d------ [19:37 18/02/2010]

Searching for "*Conduit*"
No folders found.

Searching for "*Coupons*"
No folders found.

Searching for "*Enigma*"
No folders found.

Searching for "*searchab*"
No folders found.

Searching for "*smartbar*"
No folders found.

Searching for "*Fun4IM*"
No folders found.

Searching for "*Funmoods*"
No folders found.

Searching for "*Hoyle*"
C:\Users\Cathy\AppData\Local\VirtualStore\Program Files\Encore\Hoyle Casino 2007 d------ [23:58 05/08/2007]
C:\Users\Tom\AppData\Local\VirtualStore\Program Files\Encore\Hoyle Casino 2007 d------ [23:58 05/08/2007]

Searching for "*iLivid*"
No folders found.

Searching for "*IObit*"
No folders found.

Searching for "*Iminent*"
No folders found.

Searching for "*Poker*"
C:\Program Files\PokerStars d------ [16:58 16/06/2007]
C:\Program Files\PokerStars.NET d------ [18:44 10/12/2011]
C:\Programs\theBorgata\BorgataPoker d------ [04:37 22/02/2014]
C:\Users\Cathy\AppData\Local\PokerStars d------ [00:29 20/08/2009]
C:\Users\Tom\AppData\Local\PokerStars d------ [00:39 11/03/2008]
C:\Users\Tom\AppData\Local\PokerStars.NET d------ [18:44 10/12/2011]
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com d------ [04:36 22/02/2014]
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\macromedia.com\support\flashplayer\sys\#poker.theborgata.com d------ [04:36 22/02/2014]
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com\content\dam\poker d------ [04:36 22/02/2014]
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\cef-cache\theBorgata\BorgataPoker d------ [04:38 22/02/2014]
C:\_OTL\MovedFiles\05012014_184655\C_Users\Tom\AppData\Roaming\theBorgata\BorgataPoker d------ [04:38 22/02/2014]

Searching for "*Realms*"
No folders found.

Searching for "*Searchqu*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Slick*"
No folders found.

Searching for "*smartbar*"
No folders found.

Searching for "*Somoto*"
No folders found.

Searching for "*Sweet*"
No folders found.

Searching for "*Tarma*"
No folders found.

Searching for "*trolltech*"
No folders found.

Searching for "*Vafmusic2*"
No folders found.

Searching for "*vshare*"
No folders found.

Searching for "*whitesmoke*"
No folders found.

Searching for "*Yontoo*"
No folders found.

========== Regfind ==========

Searching for "AskToolbar"
No data found.

Searching for "Ask.com"
[HKEY_CURRENT_USER\Software\Microsoft\MSN\Toolbar\Shared\Obsidian\AutoFill]
"Local"="www.nytimes.com 1
email 16
zip 13
new.aol.com 1
zip 13
desiredsn 3
zip or postal code 13
actionform.zipcode 13
zipcode 13
first name 5
actionform.firstname 5
firstname 5
last name 7
actionform.lastname 7
lastname 7
zip or
postal code 13
actionform.zipcode 13
zipcode 13
day phone 17
actionform.dayphone 17
dayphone 17
www.amazon.com 1
email 16
emailcheck 16
enteraddressfullname 4
username 4
enteraddressaddressline1 9
enteraddressaddressline2 10
enteraddresscity 11
enteraddressstateorregion 12
zip 13
phone number 17
enteraddressphonenumber 17
wiki.answers.com 1
email address 16
wpemail 16
email 16
r.espn.go.com 1
cellareacode 20
cellprefix 21
cellnumber 22
twitter.com 1
user[name] 4
www.ticketmaster.com 1
first
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\MSN\Toolbar\Shared\Obsidian\AutoFill]
"Local"="www.nytimes.com 1
email 16
zip 13
new.aol.com 1
zip 13
desiredsn 3
zip or postal code 13
actionform.zipcode 13
zipcode 13
first name 5
actionform.firstname 5
firstname 5
last name 7
actionform.lastname 7
lastname 7
zip or
postal code 13
actionform.zipcode 13
zipcode 13
day phone 17
actionform.dayphone 17
dayphone 17
www.amazon.com 1
email 16
emailcheck 16
enteraddressfullname 4
username 4
enteraddressaddressline1 9
enteraddressaddressline2 10
enteraddresscity 11
enteraddressstateorregion 12
zip 13
phone number 17
enteraddressphonenumber 17
wiki.answers.com 1
email address 16
wpemail 16
email 16
r.espn.go.com 1
cellareacode 20
cellprefix 21
cellnumber 22
twitter.com 1
user[name]

Searching for "Babylon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"

Searching for "Bandoo"
No data found.

Searching for "borgata"
[HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\Borgata.exe]
[HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\Borgata.exe]
"Path"="C:\Programs\theBorgata\Borgata.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0]
@="{0.0.0.00000000}.{86f92cb4-1de0-4304-bcfd-7844016a4447}|\Device\HarddiskVolume3\Users\Tom\Downloads\BorgataPoker_Installer\SmartInstaller.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0]
@="{0.0.0.00000000}.{86f92cb4-1de0-4304-bcfd-7844016a4447}|\Device\HarddiskVolume3\Programs\theBorgata\Borgata.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Windows Live Mail\PerPassportSettings\0\Junk Mail\Safe Senders List\00000001]
"Exception"="borgatapoker@boydgaming.net"
[HKEY_CURRENT_USER\Software\theBorgata]
[HKEY_CURRENT_USER\Software\theBorgata\BorgataPoker]
[HKEY_CURRENT_USER\Software\Classes\launcher-borgatapoker]
[HKEY_CURRENT_USER\Software\Classes\launcher-borgatapoker\shell\open\command]
@=""C:\Programs\theBorgata\Borgata.exe" %1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\Borgata.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\WRData\Journal]
"14421"="filename=C:\\Users\\Tom\\Downloads\\BorgataPokerSetup.exe,md5=CC140D61BFFB6867BFFFD4449D817E86,timestamp=1393043772"
[HKEY_LOCAL_MACHINE\SOFTWARE\WRData\Journal]
"14423"="filename=C:\\Users\\Tom\\Downloads\\BorgataPoker_Installer\\SmartInstaller.exe,md5=73F70370AD5336572CBB3999DB943D8D,timestamp=1393043780"
[HKEY_LOCAL_MACHINE\SOFTWARE\WRData\Journal]
"14425"="filename=C:\\Programs\\theBorgata\\Borgata.exe,md5=AD060C2421706503F8C1DE6426766589,timestamp=1393043909"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Borgata.exe]
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Borgata.exe]
"Path"="C:\Programs\theBorgata\Borgata.exe"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0]
@="{0.0.0.00000000}.{86f92cb4-1de0-4304-bcfd-7844016a4447}|\Device\HarddiskVolume3\Users\Tom\Downloads\BorgataPoker_Installer\SmartInstaller.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0]
@="{0.0.0.00000000}.{86f92cb4-1de0-4304-bcfd-7844016a4447}|\Device\HarddiskVolume3\Programs\theBorgata\Borgata.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Windows Live Mail\PerPassportSettings\0\Junk Mail\Safe Senders List\00000001]
"Exception"="borgatapoker@boydgaming.net"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\theBorgata]
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\theBorgata\BorgataPoker]
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Classes\launcher-borgatapoker]
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Classes\launcher-borgatapoker\shell\open\command]
@=""C:\Programs\theBorgata\Borgata.exe" %1"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000_Classes\launcher-borgatapoker]
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000_Classes\launcher-borgatapoker\shell\open\command]
@=""C:\Programs\theBorgata\Borgata.exe" %1"

Searching for "Cheat"
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm

Re: slow running computer

Unread postby c62ip64 » May 3rd, 2014, 10:09 am

I have also noticed an improvement in response times.
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm

Re: slow running computer

Unread postby pgmigg » May 3rd, 2014, 12:19 pm

Hello c62ip64,

I have also noticed an improvement in response times.
Very good! :D But we are not finished yet. Let continue...
I had a problem running the OTL script. I received a message that 'OTL has stopped working'.
It is possible. I am going to divide big OTL Fix Scripts to few smaller.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :Files
    C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage
    C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage-journal
    C:\Users\Tom\Downloads\BorgataPokerSetup.exe
    C:\Users\Tom\Documents\HoyleCasino.xlsx
    C:\PokerStars.log.0
    C:\Program Files\PokerStars
    C:\Program Files\PokerStars.NET
    C:\Users\Cathy\AppData\Local\PokerStars.NET
    C:\Users\Tom\AppData\Local\PokerStars.NET
    C:\Users\Cathy\AppData\Local\PokerStars
    C:\Users\Tom\AppData\Local\PokerStars
    C:\Users\Cathy\AppData\Local\VirtualStore\Program Files\Encore\Hoyle Casino 2007
    C:\Users\Tom\AppData\Local\VirtualStore\Program Files\Encore\Hoyle Casino 2007
    C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XHKGZUF\btn-pokerplaynow[1].jpg
    C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XHKGZUF\hdr-poker[1].htm
    C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XHKGZUF\learn_more_poker[1].jpg
    C:\Users\Tom\Downloads\BorgataPokerSetup.exe
    C:\Programs\theBorgata
    C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com
    C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\macromedia.com\support\flashplayer\sys\#poker.theborgata.com
    C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com
    C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\macromedia.com\support\flashplayer\sys\#poker.theborgata.com
    C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com\content\dam\poker
    
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
    "DllName"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
    "DllName"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
    "DllName"=-
    [-HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\Borgata.exe]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0]
    @=""
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0]
    @=""
    [HKEY_CURRENT_USER\Software\Microsoft\Windows Live Mail\PerPassportSettings\0\Junk Mail\Safe Senders List\00000001]
    "Exception"=-
    [-HKEY_CURRENT_USER\Software\theBorgata]
    [-HKEY_CURRENT_USER\Software\Classes\launcher-borgatapoker]
    [HKEY_CURRENT_USER\Software\Classes\launcher-borgatapoker\shell\open\command]
    @=""
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\Borgata.exe]
    [HKEY_LOCAL_MACHINE\SOFTWARE\WRData\Journal]
    "14421"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\WRData\Journal]
    "14423"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\WRData\Journal]
    "14425"=-
    [-HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Borgata.exe]
    [HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0]
    @=""
    [HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0]
    @=""
    [HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Windows Live Mail\PerPassportSettings\0\Junk Mail\Safe Senders List\00000001]
    "Exception"=-
    [-HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\theBorgata]
    [-HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Classes\launcher-borgatapoker]
    [-HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000_Classes\launcher-borgatapoker]
    
    :Commands
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
SystemLook
You should still have SystemLook.exe on your desktop.
  1. Right click on SystemLook.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries: into SystemLook's main text entry window.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Regfind
    AskToolbar
    Ask.com
    Babylon
    Bandoo
    borgata
    Cheat
    Conduit
    Coupons
    Enigma
    searchab
    Fun4IM
    Funmoods
    Hoyle
    iLivid
    IObit
    Iminent
    Poker
    Realms
    Searchqu
    Searchnu
    Slick
    smartbar
    Somoto
    Sweetpack
    Tarma
    trolltech
    Vafmusic2
    vshare
    whitesmoke
    Yontoo
    
  3. Press the Look button to start the scan. The scan will take a while so please be patient...
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Step 3.
Fresh OTL Scan
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Scan All Users
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, one Notepad file OTL.txt <-- Will be opened, maximized
  6. Please post the content of OTL.txt file ONLY in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the SystemLook.txt log file
  4. Contents of the most recent OTL.txt file after fresh OTL scan
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: slow running computer

Unread postby c62ip64 » May 4th, 2014, 12:11 pm

There were no errors running the OTL fix this time. Here are the log files. I am not experiencing slow response times.

Tom

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage moved successfully.
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage-journal moved successfully.
C:\Users\Tom\Downloads\BorgataPokerSetup.exe moved successfully.
C:\Users\Tom\Documents\HoyleCasino.xlsx moved successfully.
C:\PokerStars.log.0 moved successfully.
C:\Program Files\PokerStars\updateself folder moved successfully.
C:\Program Files\PokerStars\update folder moved successfully.
C:\Program Files\PokerStars\Themes\simple\label folder moved successfully.
C:\Program Files\PokerStars\Themes\simple folder moved successfully.
C:\Program Files\PokerStars\Themes\shiny\label folder moved successfully.
C:\Program Files\PokerStars\Themes\shiny\ctrls folder moved successfully.
C:\Program Files\PokerStars\Themes\shiny folder moved successfully.
C:\Program Files\PokerStars\Themes\saloon\label folder moved successfully.
C:\Program Files\PokerStars\Themes\saloon\ctrls folder moved successfully.
C:\Program Files\PokerStars\Themes\saloon folder moved successfully.
C:\Program Files\PokerStars\Themes\preview\lobby folder moved successfully.
C:\Program Files\PokerStars\Themes\preview folder moved successfully.
C:\Program Files\PokerStars\Themes\oldblack\label folder moved successfully.
C:\Program Files\PokerStars\Themes\oldblack\ctrls folder moved successfully.
C:\Program Files\PokerStars\Themes\oldblack folder moved successfully.
C:\Program Files\PokerStars\Themes\black\templates folder moved successfully.
C:\Program Files\PokerStars\Themes\black\lobby folder moved successfully.
C:\Program Files\PokerStars\Themes\black\label folder moved successfully.
C:\Program Files\PokerStars\Themes\black\images folder moved successfully.
C:\Program Files\PokerStars\Themes\black\home folder moved successfully.
C:\Program Files\PokerStars\Themes\black\ctrls folder moved successfully.
C:\Program Files\PokerStars\Themes\black folder moved successfully.
C:\Program Files\PokerStars\Themes\&lobby\black\templates folder moved successfully.
C:\Program Files\PokerStars\Themes\&lobby\black\images folder moved successfully.
C:\Program Files\PokerStars\Themes\&lobby\black folder moved successfully.
C:\Program Files\PokerStars\Themes\&lobby folder moved successfully.
C:\Program Files\PokerStars\Themes\&default folder moved successfully.
C:\Program Files\PokerStars\Themes folder moved successfully.
C:\Program Files\PokerStars\Snd folder moved successfully.
C:\Program Files\PokerStars\HandHistory folder moved successfully.
C:\Program Files\PokerStars\Gx\templates folder moved successfully.
C:\Program Files\PokerStars\Gx\replay folder moved successfully.
C:\Program Files\PokerStars\Gx\lobby\en folder moved successfully.
C:\Program Files\PokerStars\Gx\lobby folder moved successfully.
C:\Program Files\PokerStars\Gx\label folder moved successfully.
C:\Program Files\PokerStars\Gx\home folder moved successfully.
C:\Program Files\PokerStars\Gx\fonts folder moved successfully.
C:\Program Files\PokerStars\Gx\ctrls folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\0 folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\0 folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\6 folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\5 folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\4 folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\3 folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\2 folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\1 folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\0 folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips folder moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck folder moved successfully.
C:\Program Files\PokerStars\Gx folder moved successfully.
C:\Program Files\PokerStars\backup\themes\black\templates folder moved successfully.
C:\Program Files\PokerStars\backup\themes\black folder moved successfully.
C:\Program Files\PokerStars\backup\themes\&default folder moved successfully.
C:\Program Files\PokerStars\backup\themes folder moved successfully.
C:\Program Files\PokerStars\backup\gx\templates folder moved successfully.
C:\Program Files\PokerStars\backup\gx folder moved successfully.
C:\Program Files\PokerStars\backup folder moved successfully.
C:\Program Files\PokerStars folder moved successfully.
C:\Program Files\PokerStars.NET folder moved successfully.
File\Folder C:\Users\Cathy\AppData\Local\PokerStars.NET not found.
C:\Users\Tom\AppData\Local\PokerStars.NET folder moved successfully.
C:\Users\Cathy\AppData\Local\PokerStars\ImgCache folder moved successfully.
C:\Users\Cathy\AppData\Local\PokerStars\bg folder moved successfully.
C:\Users\Cathy\AppData\Local\PokerStars folder moved successfully.
C:\Users\Tom\AppData\Local\PokerStars\imgcache folder moved successfully.
C:\Users\Tom\AppData\Local\PokerStars\bg folder moved successfully.
C:\Users\Tom\AppData\Local\PokerStars folder moved successfully.
C:\Users\Cathy\AppData\Local\VirtualStore\Program Files\Encore\Hoyle Casino 2007 folder moved successfully.
C:\Users\Tom\AppData\Local\VirtualStore\Program Files\Encore\Hoyle Casino 2007 folder moved successfully.
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XHKGZUF\btn-pokerplaynow[1].jpg moved successfully.
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XHKGZUF\hdr-poker[1].htm moved successfully.
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XHKGZUF\learn_more_poker[1].jpg moved successfully.
File\Folder C:\Users\Tom\Downloads\BorgataPokerSetup.exe not found.
C:\Programs\theBorgata\BorgataPoker\Stats folder moved successfully.
C:\Programs\theBorgata\BorgataPoker folder moved successfully.
C:\Programs\theBorgata folder moved successfully.
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com\content\dam\poker\aff\swfObj.swf folder moved successfully.
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com\content\dam\poker\aff folder moved successfully.
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com\content\dam\poker folder moved successfully.
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com\content\dam folder moved successfully.
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com\content folder moved successfully.
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com folder moved successfully.
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\macromedia.com\support\flashplayer\sys\#poker.theborgata.com folder moved successfully.
File\Folder C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com not found.
File\Folder C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\macromedia.com\support\flashplayer\sys\#poker.theborgata.com not found.
File\Folder C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\AMYECVZV\poker.theborgata.com\content\dam\poker not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}\\DllName deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}\\DllName deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}\\DllName deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\Borgata.exe\ deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0\\@|"" /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0\\@|"" /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows Live Mail\PerPassportSettings\0\Junk Mail\Safe Senders List\00000001\\Exception deleted successfully.
Registry key HKEY_CURRENT_USER\Software\theBorgata\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\launcher-borgatapoker\ deleted successfully.
HKEY_CURRENT_USER\Software\Classes\launcher-borgatapoker\shell\open\command\\@|"" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\Borgata.exe\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\WRData\Journal\\14421 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\WRData\Journal\\14423 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\WRData\Journal\\14425 deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Borgata.exe\ not found.
HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0\\@|"" /E : value set successfully!
HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0\\@|"" /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Windows Live Mail\PerPassportSettings\0\Junk Mail\Safe Senders List\00000001\\Exception not found.
Registry key HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\theBorgata\ not found.
Registry key HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Classes\launcher-borgatapoker\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000_Classes\launcher-borgatapoker not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Cathy
->Temp folder emptied: 33488 bytes
->Temporary Internet Files folder emptied: 4516924 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Tom
->Temp folder emptied: 2272288 bytes
->Temporary Internet Files folder emptied: 53366525 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 57480504 bytes
->Google Chrome cache emptied: 391816376 bytes
->Flash cache emptied: 120913 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 524017476 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 164885773 bytes

Total Files Cleaned = 1,143.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05042014_110441

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm

Re: slow running computer

Unread postby c62ip64 » May 4th, 2014, 12:12 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 11:22 on 04/05/2014 by Tom
Administrator - Elevation successful

========== Regfind ==========

Searching for "AskToolbar"
No data found.

Searching for "Ask.com"
[HKEY_CURRENT_USER\Software\Microsoft\MSN\Toolbar\Shared\Obsidian\AutoFill]
"Local"="www.nytimes.com 1
email 16
zip 13
new.aol.com 1
zip 13
desiredsn 3
zip or postal code 13
actionform.zipcode 13
zipcode 13
first name 5
actionform.firstname 5
firstname 5
last name 7
actionform.lastname 7
lastname 7
zip or
postal code 13
actionform.zipcode 13
zipcode 13
day phone 17
actionform.dayphone 17
dayphone 17
www.amazon.com 1
email 16
emailcheck 16
enteraddressfullname 4
username 4
enteraddressaddressline1 9
enteraddressaddressline2 10
enteraddresscity 11
enteraddressstateorregion 12
zip 13
phone number 17
enteraddressphonenumber 17
wiki.answers.com 1
email address 16
wpemail 16
email 16
r.espn.go.com 1
cellareacode 20
cellprefix 21
cellnumber 22
twitter.com 1
user[name] 4
www.ticketmaster.com 1
first
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\MSN\Toolbar\Shared\Obsidian\AutoFill]
"Local"="www.nytimes.com 1
email 16
zip 13
new.aol.com 1
zip 13
desiredsn 3
zip or postal code 13
actionform.zipcode 13
zipcode 13
first name 5
actionform.firstname 5
firstname 5
last name 7
actionform.lastname 7
lastname 7
zip or
postal code 13
actionform.zipcode 13
zipcode 13
day phone 17
actionform.dayphone 17
dayphone 17
www.amazon.com 1
email 16
emailcheck 16
enteraddressfullname 4
username 4
enteraddressaddressline1 9
enteraddressaddressline2 10
enteraddresscity 11
enteraddressstateorregion 12
zip 13
phone number 17
enteraddressphonenumber 17
wiki.answers.com 1
email address 16
wpemail 16
email 16
r.espn.go.com 1
cellareacode 20
cellprefix 21
cellnumber 22
twitter.com 1
user[name]

Searching for "Babylon"
No data found.

Searching for "Bandoo"
No data found.

Searching for "borgata"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0]
@="{0.0.0.00000000}.{86f92cb4-1de0-4304-bcfd-7844016a4447}|\Device\HarddiskVolume3\Users\Tom\Downloads\BorgataPoker_Installer\SmartInstaller.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0]
@="{0.0.0.00000000}.{86f92cb4-1de0-4304-bcfd-7844016a4447}|\Device\HarddiskVolume3\Programs\theBorgata\Borgata.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0]
@="{0.0.0.00000000}.{86f92cb4-1de0-4304-bcfd-7844016a4447}|\Device\HarddiskVolume3\Users\Tom\Downloads\BorgataPoker_Installer\SmartInstaller.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0]
@="{0.0.0.00000000}.{86f92cb4-1de0-4304-bcfd-7844016a4447}|\Device\HarddiskVolume3\Programs\theBorgata\Borgata.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "Cheat"
No data found.

Searching for "Conduit"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966]
"1AF74D8104403D847A0EAD9035F74F17"="C:\Program Files\Common Files\Apple\Mobile Device Support\iSyncConduit.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966\1AF74D8104403D847A0EAD9035F74F17]
"File"="iSyncConduit.dll"

Searching for "Coupons"
No data found.

Searching for "Enigma"
No data found.

Searching for "searchab"
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm

Re: slow running computer

Unread postby c62ip64 » May 4th, 2014, 12:12 pm

OTL logfile created on: 5/4/2014 11:53:23 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tom\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 56.70% Memory free
4.23 Gb Paging File | 2.84 Gb Available in Paging File | 67.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 137.85 Gb Free Space | 61.88% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.46 Gb Free Space | 54.56% Space Free | Partition Type: NTFS

Computer Name: FAMILY-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/29 10:36:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
PRC - [2014/04/29 09:37:16 | 001,864,368 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
PRC - [2014/04/28 10:41:14 | 000,354,888 | ---- | M] (Verizon) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2014/04/28 10:41:12 | 001,718,344 | ---- | M] (Verizon) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
PRC - [2014/04/18 22:58:31 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/04/14 00:00:58 | 002,484,504 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2014/04/14 00:00:58 | 001,444,120 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2014/04/13 12:35:10 | 000,766,040 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe
PRC - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/17 11:44:38 | 001,765,744 | ---- | M] (NDS Technologies) -- C:\Users\Tom\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2013/11/17 11:44:36 | 007,877,480 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2011/10/03 09:14:06 | 001,409,384 | ---- | M] (Garmin) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/05/23 11:28:48 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2007/02/08 01:16:24 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/11/27 09:14:52 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/12 02:19:46 | 000,446,976 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2006/09/29 12:39:20 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/09/29 12:38:50 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (No Company Name) ==========

MOD - [2014/04/29 09:37:16 | 016,351,920 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_13_0_0_206.dll
MOD - [2014/04/27 10:50:39 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
MOD - [2014/04/27 10:50:00 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/04/27 10:49:57 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/04/27 10:49:56 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014/04/22 18:56:52 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/04/22 18:56:33 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/04/22 18:56:27 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/04/22 18:56:13 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/04/22 18:56:06 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/04/22 18:55:54 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/04/22 18:55:50 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/04/22 18:55:41 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/04/22 18:55:39 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/04/22 18:55:32 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/04/22 18:55:30 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/04/22 18:55:04 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/04/18 22:58:30 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/03/23 17:04:20 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2014/02/06 01:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/06 01:52:32 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/03 14:21:51 | 001,125,592 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2013/11/17 11:45:22 | 000,091,976 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\z.dll
MOD - [2013/11/17 11:45:18 | 000,332,128 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2013/11/17 11:45:16 | 001,403,224 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2013/11/17 11:45:06 | 000,689,000 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2013/11/17 11:44:44 | 007,554,400 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2013/11/17 11:44:36 | 007,877,480 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2013/11/17 11:44:32 | 003,094,880 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2013/11/17 11:44:30 | 002,157,928 | ---- | M] () -- C:\Users\Tom\AppData\Local\DIRECTV Player\DiscoveryManager.dll
MOD - [2011/11/24 00:05:40 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2007/04/04 08:54:34 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2006/11/20 13:29:10 | 000,101,376 | ---- | M] () -- C:\Windows\System32\APOMngr.dll
MOD - [2006/11/13 10:07:34 | 000,066,560 | ---- | M] () -- C:\Windows\System32\CmdRtr.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - [2014/04/29 09:37:17 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/28 10:41:14 | 000,354,888 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2014/04/18 22:58:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/14 00:00:58 | 001,444,120 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2014/04/13 12:35:10 | 000,766,040 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)
SRV - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/07/29 14:10:46 | 003,201,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/23 11:28:48 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2006/11/07 13:27:02 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/09/29 12:38:50 | 000,081,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\npf.sys -- (NPF)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2014/04/14 00:01:06 | 000,228,888 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2014/04/14 00:01:06 | 000,156,024 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2014/04/14 00:01:06 | 000,107,256 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2014/04/13 12:35:49 | 000,118,240 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WRkrn.sys -- (WRkrn)
DRV - [2013/10/31 20:40:10 | 000,340,432 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys -- (RapportCerberus_59849)
DRV - [2011/12/06 19:38:23 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2010/04/03 12:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/11/05 16:35:25 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2008/11/19 14:22:36 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2008/01/19 00:25:05 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/04/04 08:54:32 | 002,313,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/02/08 01:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/10/18 14:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/17 15:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/06/24 17:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 10:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 10:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=5070523
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.comcast.net/news/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Tom\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tom\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tom\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\geocomply.com/gc_browser_plugin_client_c: C:\Program Files\GeoComply\gc-browser-plugin-client-c\2.1.4.2\npgc-browser-plugin-client-c.dll (GeoComply)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Tom\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webrootsecure@webroot.com: C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014/03/09 10:44:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/05/01 18:47:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/02 23:56:56 | 000,000,000 | ---D | M]

[2008/08/27 21:35:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Extensions
[2007/06/01 23:28:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\jvcjvj1p.default\extensions
[2014/05/01 18:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\odvrni0d.default\extensions
[2010/04/28 09:28:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\odvrni0d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014/04/29 10:09:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/04/18 22:58:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/04/18 22:58:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www22.verizon.com/Foryourhome/My ... Login.aspx
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\Application\34.0.1847.131\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Verizon Servicepoint (Enabled) = C:\Program Files\Verizon\VSP\nprpspa.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Google Wallet = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2012/08/04 09:06:07 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..\Run: [PCShowServer] C:\Users\Tom\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{837B7C71-5871-45E6-B5A6-A4CCD5A82203}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O30 - LSA: Security Packages - (pku2u) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/09/21 15:29:16 | 000,021,628 | ---- | M] () - D:\auto_v2a_image[1].jpg -- [ NTFS ]
O33 - MountPoints2\{b2f3f85c-1051-11dc-aed0-0019d172d1fe}\Shell - "" = AutoRun
O33 - MountPoints2\{b2f3f85c-1051-11dc-aed0-0019d172d1fe}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1571669636-96613985-1446841813-1000\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/05/04 11:00:44 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\{05821EF2-EDD5-4241-A004-403C835D4655}
[2014/05/03 09:53:59 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\{A1FEF8FE-18CA-48D6-A65C-67034A947554}
[2014/05/03 00:06:22 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014/05/03 00:05:32 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/02 23:50:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/02 23:33:45 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/01 18:46:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/01 18:22:55 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Tom\Desktop\JRT.exe
[2014/04/29 10:51:34 | 004,164,448 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2014/04/29 10:36:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2014/04/27 14:59:17 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\DIRECTV Player
[2014/04/18 23:30:36 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/04/18 22:58:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/04/14 00:01:06 | 000,107,256 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2014/04/12 10:06:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/04/12 10:06:49 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/04/12 10:06:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/04/12 10:06:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/04/12 10:06:47 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/04/12 10:06:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/04/12 10:06:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

========== Files - Modified Within 30 Days ==========

[2014/05/04 11:57:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{62A93A7C-B9D5-4553-A562-97492E6A1F25}.job
[2014/05/04 11:50:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/04 11:39:20 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/04 11:26:40 | 000,000,896 | ---- | M] () -- C:\Users\Public\Desktop\Vz In-Home Agent.lnk
[2014/05/04 11:26:32 | 000,000,000 | ---- | M] () -- C:\arp.out
[2014/05/04 11:21:12 | 000,722,164 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/05/04 11:21:12 | 000,148,886 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/05/04 11:15:19 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/04 11:15:03 | 000,003,952 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/04 11:15:03 | 000,003,952 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/04 11:14:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/04 11:07:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1571669636-96613985-1446841813-1000UA.job
[2014/05/03 18:07:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1571669636-96613985-1446841813-1000Core1cc02b7290d2d2b.job
[2014/05/03 18:00:00 | 000,000,438 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2014/05/03 14:17:00 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2014/05/01 18:25:25 | 000,139,264 | ---- | M] () -- C:\Users\Tom\Desktop\SystemLook.exe
[2014/05/01 18:24:49 | 001,310,621 | ---- | M] () -- C:\Users\Tom\Desktop\adwcleaner.exe
[2014/05/01 18:22:55 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Tom\Desktop\JRT.exe
[2014/04/29 15:28:34 | 000,002,075 | ---- | M] () -- C:\Users\Tom\Desktop\Google Chrome.lnk
[2014/04/29 10:51:34 | 004,164,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2014/04/29 10:36:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2014/04/29 09:37:16 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/04/29 09:37:16 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/04/29 06:07:56 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/04/18 22:11:14 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
[2014/04/14 00:01:06 | 000,107,256 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2014/04/13 12:35:49 | 000,154,248 | ---- | M] (Webroot) -- C:\Windows\System32\WRusr.dll
[2014/04/13 12:35:49 | 000,118,240 | ---- | M] (Webroot) -- C:\Windows\System32\drivers\WRkrn.sys

========== Files Created - No Company Name ==========

[2014/05/04 11:26:32 | 000,000,000 | ---- | C] () -- C:\arp.out
[2014/05/01 18:25:25 | 000,139,264 | ---- | C] () -- C:\Users\Tom\Desktop\SystemLook.exe
[2014/05/01 18:24:48 | 001,310,621 | ---- | C] () -- C:\Users\Tom\Desktop\adwcleaner.exe
[2014/04/18 22:37:49 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2010/10/25 11:08:02 | 019,657,194 | ---- | C] () -- C:\ProgramData\vlc-1.1.4-win32.exe
[2010/02/15 16:32:51 | 000,000,040 | ---- | C] () -- C:\Users\Tom\dlmgr_.pro
[2009/12/03 15:26:36 | 000,000,680 | ---- | C] () -- C:\Users\Tom\AppData\Local\d3d9caps.dat
[2009/07/08 20:19:26 | 000,000,004 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\BF28D8
[2009/07/08 20:19:25 | 000,870,128 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\mcs.rma
[2007/06/10 13:39:45 | 000,000,000 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\wklnhst.dat
[2007/05/28 04:08:35 | 000,127,488 | ---- | C] () -- C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %SystemRoot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
c62ip64
Regular Member
 
Posts: 19
Joined: April 27th, 2014, 12:13 pm

Re: slow running computer

Unread postby pgmigg » May 5th, 2014, 1:12 am

Hello c62ip64,

I am not experiencing slow response times.
Good Job! :D And let continue...

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :OTL
    CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
    CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
    CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
    
    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0]
    @=""
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0]
    @=""
    [HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ff0602_0]
    @=""
    [HKEY_USERS\S-1-5-21-1571669636-96613985-1446841813-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c75cabc6_0]
    @=""
    
    :Commands
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
SystemLook
You should still have SystemLook.exe on your desktop.
  1. Right click on SystemLook.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries: into SystemLook's main text entry window.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Regfind
    Fun4IM
    Funmoods
    Hoyle
    iLivid
    IObit
    Iminent
    Poker
    Realms
    Searchqu
    Searchnu
    Slick
    smartbar
    Somoto
    Sweetpack
    Tarma
    trolltech
    Vafmusic2
    vshare
    whitesmoke
    Yontoo
    
  3. Press the Look button to start the scan. The scan will take a while so please be patient...
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Step 3.
ESET NOD32 Online Scan
  1. Firstly please Disable any Antivirus you have active, as shown in This topic. If active, it could impact the online scan.
    Do NOT use the computer while the scan is running!
    Make sure all other programs and windows are closed!
  2. You need to right-click on the Internet Explorer or Firefox icons on the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.
  3. Go to ESET Online Scanner - © ESET All Rights Reserved, to run an online scan.
  4. Click the dark blue Run ESET Online Scanner button:
    • If you using Google Chrome or Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted. Then double click on it to install.
    • If you using Internet Explorer please read the End User License Agreement and check the box: Yes, I accept the terms of use. Then click the green Start button.
  5. Accept any security warnings from your browser and allow the download/installation of any required files.
    If your browser blocks or halts a download, please allow it to download any required files.
  6. Under scan settings:
    • Check "Scan archives"
    • UNCHECK "Remove found threats"
  7. Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  8. Click the Start button.
    ESET will install itself, download virus signature database updates and begin scanning your computer.
    The scan will take a while so please be patient. Do NOT use the computer while the scan is running!
  9. When the scan completes, please press the text: Image
  10. Press the text: Image, then save the file to your desktop as ESETScan.txt.
  11. Press the Back button, then press the Finish button.
  12. Copy and paste the contents of ESETScan.txt in your next reply.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the SystemLook.txt log file
  4. Contents of the ESETScan.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 135 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware