Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Firefox locking up.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Firefox locking up.

Unread postby Perkypen » January 25th, 2013, 6:49 pm

Firefox locks up and computer runs slow. Runs start up fix occasionally when computer is turned on.

Logs below. Thank you!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2
Run by Penny at 17:43:06 on 2013-01-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.1071 [GMT -5:00]
.
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\spool\DRIVERS\x64\3\EBAPIx32.EXE
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\ProgramData\WeCareReminder\ReminderHelper.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.certified-toolbar.com?si= ... ue&tid=592
uSearch Bar = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
uSearch Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
uDefault_Page_URL = hxxp://asus.msn.com
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mStart Page = hxxp://search.certified-toolbar.com?si= ... ue&tid=592
mSearch Bar = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mSearch Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
uURLSearchHooks: {9d0f7eb2-452d-4766-b535-8d23e36c300e} - <orphaned>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: RivalGaming Games: {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\Allen\AppData\Local\RivalGaming\RivalGaming.dll
BHO: PinPhotoZoom: {4a0c8953-9d4e-4790-b732-2b9fc9ebce05} - C:\Users\Penny\AppData\Roaming\PinPhotoZoom\AutocompletePro.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
uRun: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
uRun: [Epson Stylus NX230(Network)] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIHLA.EXE /FU "C:\Users\Penny\AppData\Local\Temp\E_S4CD8.tmp" /EF "HKCU"
uRun: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostart
uRun: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SpeetItUpFree] "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONTIN~1.LNK - C:\Users\Penny\AppData\Local\Temp\Full_REVOLT_or_RE-VOLT___RC_game_(_PC_GAME_)_]_downloader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
uPolicies-Explorer: NoDriveAutoRun = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{BD04AFDA-8EE6-4120-8ADF-7DBB5FC4DE94} : DHCPNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
TCP: Interfaces\{CBB90AF4-61D5-41A7-BDBC-6766502E2BDB} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CBB90AF4-61D5-41A7-BDBC-6766502E2BDB}\16474777966696 : DHCPNameServer = 192.168.4.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{CBB90AF4-61D5-41A7-BDBC-6766502E2BDB}\C4546445 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{CBB90AF4-61D5-41A7-BDBC-6766502E2BDB}\C696E6B6379737 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CBB90AF4-61D5-41A7-BDBC-6766502E2BDB}\F42716E67656D41676E6F6C69616 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CBB90AF4-61D5-41A7-BDBC-6766502E2BDB}\F42716E67656D41676E6F6C69616D27657563747 : DHCPNameServer = 192.168.3.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-mStart Page = hxxp://start.funmoods.com/?f=1&a=axl&ch ... =156910436
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-BHO: PinPhotoZoom: {4a0c8953-9d4e-4790-b732-2b9fc9ebce05} - C:\Users\Penny\AppData\Roaming\PinPhotoZoom\64\AutocompletePro64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [fssui] "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.certified-toolbar.com?si= ... ue&tid=592
FF - prefs.js: keyword.URL - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
.
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_de ... 866a66b&q=
FF - user.js: extensions.BabylonToolbar.id - 2484ebdd000000000000742f6866a66b
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15592
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1221:46:14
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110790&tt=3612_8
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=axl&ch ... =156910436
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=axl&ch ... =156910436
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=axl&ch ... 6910436&q=
FF - user.js: extensions.funmoods.id - 742F6866A66BEBDD
FF - user.js: extensions.funmoods.instlDay - 15595
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2220:45:42
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - axl
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - axl
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
.
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1309000.009\symds64.sys [2012-10-1 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1309000.009\symefa64.sys [2012-10-1 1129120]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20130116.013_53b\BHDrvx64.sys [2013-1-16 1388120]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\System32\drivers\NAVx64\1309000.009\ccsetx64.sys [2012-10-1 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20130124.001_572\IDSviA64.sys [2013-1-24 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1309000.009\ironx64.sys [2012-10-1 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NAVx64\1309000.009\symnets.sys [2012-10-1 405624]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-8-11 913792]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-10-25 379520]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2012-8-11 168448]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-8-11 131072]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]
R2 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-15 48488]
R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-11-20 8704]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccsvchst.exe [2012-10-1 138272]
R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-26 241488]
R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-4-1 67664]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-10-25 2656280]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-1-21 138912]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-5-8 138024]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-5-8 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-5-8 76912]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2011-10-25 1103976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-1 267480]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2011-3-18 74840]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-11-17 131912]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-27 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-01-25 22:02:24 -------- d-----w- C:\Users\Penny\AppData\Roaming\ParetoLogic
2013-01-25 22:02:24 -------- d-----w- C:\Users\Penny\AppData\Roaming\DriverCure
2013-01-25 22:01:57 -------- d-----w- C:\Program Files (x86)\Common Files\ParetoLogic
2013-01-25 22:01:54 -------- d-----w- C:\ProgramData\ParetoLogic
2013-01-25 22:01:54 -------- d-----w- C:\Program Files (x86)\ParetoLogic
2013-01-25 21:43:34 -------- d-----w- C:\Users\Penny\AppData\Local\{3934DCD2-9A0C-4A0F-96B5-3161B4B7EF4B}
2013-01-24 02:35:35 -------- d-----w- C:\Users\Penny\AppData\Roaming\Malwarebytes
2013-01-24 02:35:25 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-24 02:35:25 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-24 02:35:02 -------- d-----w- C:\Users\Penny\AppData\Local\Programs
2013-01-24 02:29:40 -------- d-----w- C:\Users\Penny\AppData\Local\{964B21FF-3AF2-4DB4-AF43-4A75CC323E6E}
2013-01-23 01:13:42 -------- d-----w- C:\Users\Penny\AppData\Local\{791877E5-3AF1-4A01-98F5-B7033BE57106}
2013-01-22 01:29:32 -------- d-----w- C:\Users\Penny\AppData\Local\{42D6E040-927D-47AD-8841-F3DD26E6D0A9}
2013-01-22 00:54:11 -------- d-----w- C:\Users\Penny\AppData\Local\{E064F5D4-0514-44A6-9021-B10ABF98AE19}
2013-01-21 11:56:30 -------- d-----w- C:\Users\Penny\AppData\Local\{70D7F539-2B66-4726-889A-30CDF433E3D9}
2013-01-20 19:54:31 -------- d-----w- C:\Users\Penny\AppData\Local\{9FBA1788-5328-40A9-9A31-F90C14134128}
2013-01-20 02:26:36 -------- d-----w- C:\Users\Penny\AppData\Local\Diagnostics
2013-01-19 18:42:16 -------- d-----w- C:\Users\Penny\AppData\Local\{C6837B6C-28CE-4A23-B7EA-B47CCFC6EF33}
2013-01-18 17:25:48 -------- d-----w- C:\Users\Penny\AppData\Local\UberLauncher
2013-01-13 22:18:09 118784 ----a-w- C:\Windows\System32\E_ILMHLA.DLL
2013-01-13 22:14:47 -------- d-----w- C:\Users\Penny\AppData\Local\{2503582D-76BB-4F45-A7EE-04FFD2310884}
2013-01-13 14:14:19 -------- d-----w- C:\ProgramData\Bohemia Interactive Studio
2013-01-08 02:17:42 -------- d-----w- C:\ProgramData\Media Center Programs
2013-01-08 02:17:41 -------- d--h--w- C:\Windows\PIF
2013-01-06 15:06:03 -------- d-----w- C:\Users\Penny\AppData\Local\{73B539B4-E236-4FB3-B770-F7445AEB5110}
2013-01-02 02:31:32 40960 ----a-r- C:\Users\Penny\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2013-01-02 02:31:32 40960 ----a-r- C:\Users\Penny\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2013-01-02 02:31:32 -------- d-----w- C:\Program Files (x86)\Project64 1.6
2012-12-31 14:12:56 -------- d-----w- C:\Users\Penny\AppData\Local\{4563C9FC-8FC9-46D6-89A5-7EA28AA0C5B5}
2012-12-31 01:25:41 -------- d-----w- C:\ProgramData\PopCap Games
2012-12-31 01:25:41 -------- d-----w- C:\Program Files (x86)\PopCap Games
2012-12-30 02:26:16 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-12-29 13:18:04 -------- d-----w- C:\Users\Penny\AppData\Local\{1481150F-FF1D-4F27-B0A6-27EC490B5E5B}
.
==================== Find3M ====================
.
2013-01-25 21:42:00 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2013-01-22 02:25:41 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-22 02:25:41 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
.
============= FINISH: 17:44:17.72 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/25/2011 9:56:26 PM
System Uptime: 1/25/2013 4:40:47 PM (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K53E
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz | CPU 1 | 792/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 441 GiB total, 174.905 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP167: 1/21/2013 8:02:25 PM - Restore Operation
RP168: 1/22/2013 7:27:18 PM - Windows Update
.
==== Installed Programs ======================
.
??????? Windows Live Mesh ActiveX ??(????)
??????? Windows Live Mesh ActiveX ???
7-zip v9.20
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.5)
Advanced SystemCare 5
Alcor Micro USB Card Reader
Alliance of Valiant Arms
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ARMA 2
ARMA 2: Operation Arrowhead
ARMA 2: Operation Arrowhead Beta
ASPCA Reminder by We-Care.com v4.1.19.1
ASUS AI Recovery
ASUS FaceLogon
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS WebStorage
AsusScr_K3 Series_ENG
AsusVibe2.0
ATK Package
BattlEye for OA Uninstall
Black Shades (remove only)
Blockade Runner
Bonjour
Bully: Scholarship Edition
Call of Duty: Modern Warfare 3 - Multiplayer
CCleaner
Cisco Connect
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Counter-Strike: Global Offensive
Counter-Strike: Source
Counter-Strike: Source Beta
CyberLink LabelPrint
CyberLink Power2Go
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Duke Nukem Forever
Dungeon Defenders
Epson Connect
Epson Customer Participation
Epson Event Manager
EPSON NX230 Series Printer Uninstall
EPSON Scan
EpsonNet Print
ETDWare PS/2-X64 8.0.5.1_WHQL
Fallen Earth
Fast Boot
Free Media Pack version 1.7
FTL: Faster Than Light
Galeria de Fotografias do Windows Live
Galerie de photos Windows Live
Galería fotográfica de Windows Live
GameMaker: Studio
Garmin BaseCamp
Garmin USB Drivers
Garry's Mod
Garry's Mod 13 Beta
Google Chrome
Google SketchUp 8
Google Update Helper
H&R Block North Carolina 2011
H&R Block Premium + Efile + State 2011
Hard Time
Hi-Rez Studios Authenticate and Update Service
InstallIQ Updater
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Turbo Boost Technology Monitor
Intrusion 2
iTunes
Java 7 Update 7
Java 7 Update 7 (64-bit)
Java Auto Updater
Jawbone Updater
Junk Mail filter update
Just Cause 2 Demo
Just Cause Demo
Lagarith lossless video codec (Remove Only)
Magic: The Gathering – Tactics
Mesh Runtime
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Mozilla Firefox 15.0 (x86 en-US)
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
NaturalMotion endorphin 2.7.1
Norton AntiVirus
Nuance PDF Reader
NVIDIA PhysX
PAYDAY: The Heist
PinPhotoZoom
PlanetSide 2
Play withSIX
Pokémon Trading Card Game Online
Portal 2
Project64 1.6
Protected Search 1.1
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver
RegCure Pro
Rubber Ninjas Demo 1.05
Saints Row: The Third
Saints Row: The Third - Initiation Station
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Six Updater
Skype™ 5.10
Sleeping Dogs™
Sniper Elite V2 Demo
Sonic Focus
Steam
Stronghold Kingdoms
Super Monday Night Combat
syncables desktop SE
Terraria
The Lord of the Rings Online™
The Lord of the Rings Online™ v03.07.01.8015
TmNationsForever
Trend Micro Titanium Internet Security
Tribes: Ascend
Ultima Online Classic Client
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VLC media player 2.0.0
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
Windows Live
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
WinRAR 4.11 (32-bit)
Wireless Console 3
Wizard101
.
==== Event Viewer Messages From Past Week ========
.
1/25/2013 4:43:16 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\System Volume Information\Syscache.hve' was corrupted and it has been recovered. Some data might have been lost.
1/25/2013 4:41:16 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.
1/25/2013 4:18:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64
1/24/2013 6:29:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
1/24/2013 6:28:51 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NAV service.
1/22/2013 7:24:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
1/22/2013 7:24:48 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/21/2013 8:35:42 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
1/19/2013 10:39:23 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.141. The computer with the IP address 192.168.1.126 did not allow the name to be claimed by this computer.
1/18/2013 8:40:23 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
1/18/2013 8:40:23 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/18/2013 8:40:23 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/18/2013 7:36:03 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
.
==== End Of File ===========================
Perkypen
Regular Member
 
Posts: 180
Joined: February 9th, 2005, 12:07 pm
Location: Catawba, NC
Advertisement
Register to Remove

Re: Firefox locking up.

Unread postby askey127 » January 25th, 2013, 7:07 pm

Hi Perkypen,
You have too many antivirus programs installed.
More than ONE will reduce your protection and may make your system unstable.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

Advanced SystemCare 5
RegCure Pro
Trend Micro Titanium Internet Security

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
-------------------------------------------------------------
Run Junkware Removal Tool
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software (Antivirus) now to avoid potential conflicts.

  • Run the tool by double-clicking it. If you are using Vista, Win7, or Win8, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient, as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Firefox locking up.

Unread postby Perkypen » January 25th, 2013, 10:16 pm

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.0 (01.23.2013:2)
OS: Windows 7 Home Premium x64
Ran by Penny on Fri 01/25/2013 at 21:01:57.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\speetitupfree
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\browsermngr start page
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{98889811-442d-49dd-99d7-dc866be87dbc}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2404180575-613936789-2187745631-1000\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2404180575-613936789-2187745631-1000\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Bar
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2404180575-613936789-2187745631-1000\software\microsoft\internet explorer\main\\Search Bar
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2404180575-613936789-2187745631-1000\software\microsoft\internet explorer\main\\Search Page
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\search\\Default_Search_URL
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2404180575-613936789-2187745631-1000\software\microsoft\internet explorer\search\\Default_Search_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\f
Successfully deleted: [Registry Key] hkey_classes_root\funmoods.dskbnd
Successfully deleted: [Registry Key] hkey_classes_root\funmoods.dskbnd.1
Successfully deleted: [Registry Key] hkey_classes_root\funmoods.funmoodshlpr
Successfully deleted: [Registry Key] hkey_classes_root\funmoods.funmoodshlpr.1
Successfully deleted: [Registry Key] hkey_classes_root\funmoodsapp.appcore
Successfully deleted: [Registry Key] hkey_classes_root\funmoodsapp.appcore.1
Successfully deleted: [Registry Key] hkey_local_machine\software\babylon
Successfully deleted: [Registry Key] hkey_local_machine\software\babylontoolbar
Successfully deleted: [Registry Key] hkey_local_machine\software\browsermngr
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\datamngr
Successfully deleted: [Registry Key] hkey_current_user\software\default tab
Successfully deleted: [Registry Key] hkey_local_machine\software\default tab
Successfully deleted: [Registry Key] hkey_local_machine\software\freeze.com
Successfully deleted: [Registry Key] hkey_current_user\software\iminent
Successfully deleted: [Registry Key] hkey_local_machine\software\iminent
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\competeinc
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\freecause
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\autocompletepro.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\iehelperv2.5.0.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\iehelperv250.wecarereminder
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\iehelperv250.wecarereminder.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\suggestmeyes.suggestmeyesbho
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\suggestmeyes.suggestmeyesbho.1
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\iminent_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\iminent_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_install_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_install_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\microsoft\tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\microsoft\tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{26d675ac-d925-4bbf-a720-62c2aa4a81eb}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{26d675ac-d925-4bbf-a720-62c2aa4a81eb}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{4a0c8953-9d4e-4790-b732-2b9fc9ebce05}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{4a0c8953-9d4e-4790-b732-2b9fc9ebce05}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d824f0de-3d60-4f57-9eb1-66033ecd8abb}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{d824f0de-3d60-4f57-9eb1-66033ecd8abb}



~~~ Files

Successfully deleted: [File] "C:\Users\Penny\appdata\local\funmoods-speeddial.crx"
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\ProgramData\w3i"
Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"
Successfully deleted: [Folder] "C:\Users\Penny\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Penny\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Penny\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Penny\AppData\Roaming\pinphotozoom"
Successfully deleted: [Folder] "C:\Users\Penny\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Penny\appdata\local\downtango"
Successfully deleted: [Folder] "C:\Users\Penny\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Penny\appdata\local\wajam"
Successfully deleted: [Folder] "C:\Users\Penny\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Penny\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Penny\appdata\locallow\downtangolaunchertoolbar"
Successfully deleted: [Folder] "C:\Users\Penny\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\fantastigames"
Successfully deleted: [Folder] "C:\Program Files (x86)\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\iminent"
Successfully deleted: [Folder] "C:\Program Files (x86)\pinphotozoom"
Successfully deleted: [Folder] "C:\Program Files (x86)\protected search"
Successfully deleted: [Folder] "C:\Program Files (x86)\shop to win"
Successfully deleted: [Folder] "C:\Program Files (x86)\w3i"
Successfully deleted: [Folder] "C:\Users\Penny\AppData\Roaming\microsoft\windows\start menu\programs\browser manager"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\user.js
Successfully deleted: [File] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\browsermngr_extensions.sqlite
Successfully deleted: [File] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\browsermngr_prefs.js
Successfully deleted: [File] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\extensions\addon@defaulttab.com.xpi
Successfully deleted: [File] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\searchplugins\babylonmngr.xml
Successfully deleted: [File] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\searchplugins\search-here.xml
Successfully deleted: [File] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\searchplugins\search.xml
Successfully deleted: [File] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\searchplugins\search_results.xml
Successfully deleted: [Folder] C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\extensions\{ebc3cfe3-606b-4470-98ae-4dd305d4c0b9}
Successfully deleted: [Registry Value] hkey_local_machine\software\mozilla\firefox\extensions\\webbooster@iminent.com
Successfully deleted the following from C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\prefs.js

user_pref("avg.install.userHPSettings", "http://search.babylon.com/?affID=110790&tt=3612_8&babsrc=HP_ss&mntrId=2484ebdd000000000000742f6866a66b");
user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
user_pref("browser.search.defaultengine", "Web Search");
user_pref("browser.search.defaultenginename", "Web Search");
user_pref("browser.search.defaultthis.engineName", "InternetHelper Customized Web Search");
user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3237160&SearchSource=3&q={searchTerms}");
user_pref("browser.search.order.1", "Web Search");
user_pref("browser.search.selectedEngine", "Web Search");
user_pref("browser.startup.homepage", "http://search.certified-toolbar.com?si=41460&home=true&tid=592");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=110790&tt=3612_8");
user_pref("extensions.BabylonToolbar.babext", "babExt");
user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
user_pref("extensions.BabylonToolbar.bbDpng", "16");
user_pref("extensions.BabylonToolbar.bbdpng", 9);
user_pref("extensions.BabylonToolbar.cntry", "US");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltlng", "en");
user_pref("extensions.BabylonToolbar.dfltsrch", "false");
user_pref("extensions.BabylonToolbar.envrmnt", "production");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.firstrun", false);
user_pref("extensions.BabylonToolbar.hdrMd5", "CBEB11E6F7AD213067FBCFF998BAC61A");
user_pref("extensions.BabylonToolbar.hmpg", false);
user_pref("extensions.BabylonToolbar.hrdid", "2484ebdd000000000000742f6866a66b");
user_pref("extensions.BabylonToolbar.id", "2484ebdd000000000000742f6866a66b");
user_pref("extensions.BabylonToolbar.instlDay", "15592");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.instlday", "15592");
user_pref("extensions.BabylonToolbar.instlref", "sst");
user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
user_pref("extensions.BabylonToolbar.keywordurl", "");
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1221:46:14");
user_pref("extensions.BabylonToolbar.lastdp", 9);
user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
user_pref("extensions.BabylonToolbar.newTab", false);
user_pref("extensions.BabylonToolbar.newtab", "false");
user_pref("extensions.BabylonToolbar.newtaburl", "");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
user_pref("extensions.BabylonToolbar.sg", "czb");
user_pref("extensions.BabylonToolbar.smplGrp", "czb");
user_pref("extensions.BabylonToolbar.smplgrp", "none");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.srcext", "ss");
user_pref("extensions.BabylonToolbar.srch", "");
user_pref("extensions.BabylonToolbar.srchprvdr", "");
user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=2484ebdd000000000000742f6866a66b&q=");
user_pref("extensions.BabylonToolbar.tlbrid", "tb9");
user_pref("extensions.BabylonToolbar.tlbrsrchurl", "http://search.babylon.com/?babsrc=TB_def&mntrId=2484ebdd000000000000742f6866a66b&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1221:46:14");
user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1221:46:14");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110790&tt=3612_8");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1221:46:14");
user_pref("extensions.defaulttab.active.affiliate", 2636);
user_pref("extensions.defaulttab.active.overridechromesearch", false);
user_pref("extensions.defaulttab.active.overridekeywordsearch", false);
user_pref("extensions.defaulttab.active.yw3i", "W3i_IA,206,0_0,Search,20120936,18175,0,0,0");
user_pref("extensions.defaulttab.browserID", "99D263F55CF9407F059954685C9EDFDB");
user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\": \"Scenario_1,Scenario_2\", \"set_default_search\": \"Search Here|Search He
user_pref("extensions.defaulttab.firstrun", false);
user_pref("extensions.defaulttab.installedVersion", "1.4.2");
user_pref("extensions.defaulttab.lastUsed", 1351440532);
user_pref("extensions.funmoods.aflt", "axl");
user_pref("extensions.funmoods.autoRvrt", false);
user_pref("extensions.funmoods.cntry", "US");
user_pref("extensions.funmoods.cv", "cv5");
user_pref("extensions.funmoods.dfltLng", "");
user_pref("extensions.funmoods.dfltSrch", true);
user_pref("extensions.funmoods.dnsErr", true);
user_pref("extensions.funmoods.envrmnt", "production");
user_pref("extensions.funmoods.excTlbr", false);
user_pref("extensions.funmoods.hdrMd5", "DFF48330CFB3930F5CA5502A5C78D0A3");
user_pref("extensions.funmoods.hmpg", true);
user_pref("extensions.funmoods.hmpgUrl", "http://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzzyCyC0AyCyC0B0E0B0D0DtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtF
user_pref("extensions.funmoods.id", "742F6866A66BEBDD");
user_pref("extensions.funmoods.instlDay", "15595");
user_pref("extensions.funmoods.instlRef", "axl");
user_pref("extensions.funmoods.isdcmntcmplt", true);
user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2220:45:42");
user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
user_pref("extensions.funmoods.newTab", true);
user_pref("extensions.funmoods.newTabUrl", "http://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzzyCyC0AyCyC0B0E0B0D0DtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtC
user_pref("extensions.funmoods.prdct", "funmoods");
user_pref("extensions.funmoods.prtnrId", "funmoods");
user_pref("extensions.funmoods.sg", "none");
user_pref("extensions.funmoods.smplGrp", "none");
user_pref("extensions.funmoods.srchPrvdr", "Search");
user_pref("extensions.funmoods.tlbrId", "base");
user_pref("extensions.funmoods.tlbrSrchUrl", "http://start.funmoods.com/?f=3&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzzyCyC0AyCyC0B0E0B0D0DtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtF
user_pref("extensions.funmoods.vrsn", "1.5.23.22");
user_pref("extensions.funmoods.vrsnTs", "1.5.23.2220:45:42");
user_pref("extensions.funmoods.vrsni", "1.5.23.22");
user_pref("extensions.funmoods.xpestat\\xpereportdata", "16-8-2012");
user_pref("extensions.funmoods_i.newTab", true);
user_pref("extensions.funmoods_i.smplGrp", "none");
user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2220:45:42");
user_pref("extensions.wajam.affiliate_id", "6447");
user_pref("extensions.wajam.firstrun", "false");
user_pref("extensions.wajam.log_send_info", "false");
user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21083\",\"supported_sites\":{\"google\":{\"patterns\":[\"^http\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\
user_pref("extensions.wajam.no_trace", "false");
user_pref("extensions.wajam.server_current_mapping_version", "0.21083");
user_pref("extensions.wajam.supported_sites.ask.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_
user_pref("extensions.wajam.supported_sites.bing.wajam_yahoo_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABE
user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAM
user_pref("extensions.wajam.trace_log", "1346618395459 - processInstallationUpgrade - openFirstRunDownloadPage\n1346618395460 - processInstallationUpgrade - firstrun set to fa
user_pref("extensions.wajam.unique_id", "3C63A9A1ACD9C145FF0C330F184C07D3");
user_pref("extensions.wajam.user_current_mapping_version", "0");
user_pref("extensions.wajam.version", "1.25");
user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1-Stop-Florists\":{\"nam
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent101", "1347805836460");
user_pref("keyword.URL", "http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=");
user_pref("sweetim.toolbar.urls.homepage", "http://search.babylon.com/?affID=110790&tt=3612_8&babsrc=HP_ss&mntrId=2484ebdd000000000000742f6866a66b");
Emptied folder: C:\Users\Penny\AppData\Roaming\mozilla\firefox\profiles\1rdw4rqh.default\minidumps [33 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Penny\appdata\local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Successfully deleted: [Registry Key] hkey_current_user\software\google\chrome\extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Registry Key] hkey_current_user\software\google\chrome\extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\ippkomaaonokjnfjoikaemidanojkfmm
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\mbdamgnimlipjnpgiakiojcbbmcmiibn



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/25/2013 at 21:09:12.70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Perkypen
Regular Member
 
Posts: 180
Joined: February 9th, 2005, 12:07 pm
Location: Catawba, NC

Re: Firefox locking up.

Unread postby askey127 » January 26th, 2013, 7:55 am

perkypen,
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Right click the OTL icon and choose "Run as administrator" to run it.
  • Check the box at the top, labeled Include 64 bit scans
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Firefox locking up.

Unread postby Perkypen » January 26th, 2013, 10:34 am

You stated the scan would not take long. It seems to be stuck on "Scanning Firefox settings" It has been scanning this file for the past 15 minutes. Is this correct?
Perkypen
Regular Member
 
Posts: 180
Joined: February 9th, 2005, 12:07 pm
Location: Catawba, NC

Re: Firefox locking up.

Unread postby askey127 » January 26th, 2013, 10:53 am

I would let it run 30 min. if necessary.
Failing that, reboot the machine and try it again.
Make sure you "Run as administrator"
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Firefox locking up.

Unread postby Perkypen » January 26th, 2013, 5:26 pm

OTL logfile created on: 1/26/2013 12:00:46 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Penny\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.78 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 44.31% Memory free
7.57 Gb Paging File | 5.11 Gb Available in Paging File | 67.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 440.76 Gb Total Space | 174.72 Gb Free Space | 39.64% Space Free | Partition Type: NTFS

Computer Name: PENNY-PC | User Name: Penny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/26 11:41:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Penny\Downloads\OTL.exe
PRC - [2013/01/22 19:24:01 | 000,541,608 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/04 17:19:58 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/09/23 10:54:24 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccsvchst.exe
PRC - [2012/01/09 09:09:56 | 001,556,128 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011/12/06 15:21:36 | 000,101,544 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2011/10/25 07:48:07 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/10/18 17:38:26 | 002,319,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011/10/03 11:46:00 | 000,760,448 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe
PRC - [2011/10/03 11:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011/02/01 15:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 15:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/01/25 13:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/10/12 12:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/10/07 16:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/08/17 16:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/07/10 00:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/26 08:49:37 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/26 08:49:02 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/26 08:48:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/26 08:48:35 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/26 08:48:31 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/26 08:48:17 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/26 08:48:04 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/26 08:47:59 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/26 08:47:57 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/26 08:47:36 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011/12/06 15:21:34 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/07/12 10:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/06/09 12:01:00 | 000,555,392 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2011/01/25 16:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2011/01/11 13:00:00 | 000,168,448 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2011/01/11 13:00:00 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/16 18:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/22 19:24:01 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/01/21 21:25:42 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/17 08:42:55 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012/11/14 08:44:28 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/09/23 10:54:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe -- (NAV)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/05 07:19:00 | 003,953,632 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/02/01 15:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 15:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/05 21:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 21:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 23:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\ccsetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2012/05/21 20:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/17 21:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 20:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/23 19:15:17 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/26 15:22:48 | 012,288,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/07/25 21:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011/03/18 00:36:18 | 000,074,840 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/31 05:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/23 05:09:42 | 001,103,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 08:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 10:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/14 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/08/24 04:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/04/16 18:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/04 20:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/01/25 16:32:17 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20130125.023\ex64.sys -- (NAVEX15)
DRV - [2013/01/25 16:32:17 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20130125.023\eng64.sys -- (NAVENG)
DRV - [2013/01/24 16:31:08 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20130124.001_572\IDSviA64.sys -- (IDSVia64)
DRV - [2013/01/21 20:33:32 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/01/16 03:22:36 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20130116.013_53b\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/01/06 00:30:41 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/07/26 15:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=axl&ch ... =156910436
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{7F7F418D-377B-71D0-9040-0B6F8134CAE0}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}

IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylon.com/?affID=110790 ... 2f6866a66b
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\URLSearchHook: {9d0f7eb2-452d-4766-b535-8d23e36c300e} - No CLSID value found
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\SearchScopes\{7F7F418D-377B-71D0-9040-0B6F8134CAE0}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110790&tt=3612_8&babsrc=SP_ss&mntrId=2484ebdd000000000000742f6866a66b
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\SearchScopes\{C2DEED75-7FDC-4C6B-A115-333EC3EB00FE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3237160
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\SearchScopes\{F0D60785-D3CA-4228-9390-AD0087CAA5DB}: "URL" = http://www.mysearchresults.com/search?&c=2636&t=03&q={searchTerms}
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/mdickie/{8A43B5A1-FC00-4FF7-BB7E-A3BC0785E122}
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\URLSearchHook: {9d0f7eb2-452d-4766-b535-8d23e36c300e} - No CLSID value found
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes,BrowserMngrDefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110795&tt=3512_1&babsrc=SP_ss&mntrId=2484ebdd000000000000742f6866a66b
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/mdickie/{8A43B5A1-FC00-4FF7-BB7E-A3BC0785E122}?q={searchTerms}
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{C2DEED75-7FDC-4C6B-A115-333EC3EB00FE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3237160
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:4.0.4
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.5.1.20121012015120
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPlgn\ [2013/01/25 18:56:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ntfdsaftsfdfdxx@mozilla.org: C:\Users\Penny\AppData\Roaming\Free Media Pack\extension_firefox.xpi [2012/09/08 20:46:14 | 000,049,469 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/25 18:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/25 18:56:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/16 09:50:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Penny\AppData\Roaming\Mozilla\Extensions
[2013/01/25 21:08:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\extensions
[2012/12/02 15:04:04 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/10/20 08:02:08 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/09/27 19:21:51 | 000,003,267 | ---- | M] () -- C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\searchplugins\Web Search.xml
[2013/01/25 11:36:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/25 18:56:47 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPLGN
[2012/09/23 10:54:24 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/25 11:36:08 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/25 11:36:08 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/09/27 19:21:51 | 000,003,267 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzzyCyC0AyCyC0B0E0B0D0DtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=156910436
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_0\BabylonChromeToolBar.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (PinPhotoZoom) - {4a0c8953-9d4e-4790-b732-2b9fc9ebce05} - C:\Users\Penny\AppData\Roaming\PinPhotoZoom\64\AutocompletePro64.dll File not found
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\Toolbar\WebBrowser: (no name) - {9D0F7EB2-452D-4766-B535-8D23E36C300E} - No CLSID value found.
O3 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\Toolbar\WebBrowser: (no name) - {9D0F7EB2-452D-4766-B535-8D23E36C300E} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe (Desura Pty Ltd)
O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000..\Run: [DW7] C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe (The Weather Channel)
O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000..\Run: [Epson Stylus NX230(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLA.EXE /FU "C:\Users\Penny\AppData\Local\Temp\E_S4CD8.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003..\Run: [Exetender] "C:\Program Files (x86)\FantastiGames\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003..\Run: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun File not found
O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD04AFDA-8EE6-4120-8ADF-7DBB5FC4DE94}: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBB90AF4-61D5-41A7-BDBC-6766502E2BDB}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/26 11:38:26 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{8CF92DFD-2FE7-4EDF-AE05-9A7E94DB3E99}
[2013/01/25 21:01:47 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/01/25 21:01:27 | 000,000,000 | ---D | C] -- C:\JRT
[2013/01/25 17:02:24 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Roaming\ParetoLogic
[2013/01/25 17:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2013/01/25 16:59:47 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/01/25 16:59:47 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/01/25 16:59:07 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/01/25 16:59:06 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/01/25 16:58:49 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/01/25 16:58:49 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/01/25 16:58:49 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/01/25 16:58:49 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/01/25 16:58:49 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/01/25 16:58:49 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/01/25 16:58:49 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/01/25 16:58:49 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/01/25 16:58:49 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/01/25 16:58:49 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/01/25 16:58:49 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/01/25 16:58:49 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/01/25 16:58:49 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/01/25 16:58:49 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/01/25 16:58:49 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/01/25 16:58:49 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/01/25 16:58:49 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/01/25 16:58:49 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/01/25 16:58:49 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/01/25 16:58:49 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/01/25 16:58:49 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/01/25 16:58:46 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/01/25 16:58:45 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/01/25 16:58:44 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/01/25 16:58:42 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/01/25 16:58:42 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/01/25 16:58:41 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/01/25 16:58:41 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/01/25 16:58:41 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/01/25 16:58:41 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/01/25 16:58:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/01/25 16:57:37 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/01/25 16:57:36 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/01/25 16:57:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/01/25 16:57:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/01/25 16:57:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/01/25 16:57:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/01/25 16:57:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/01/25 16:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/01/25 16:57:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/01/25 16:57:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/01/25 16:57:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/01/25 16:57:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/25 16:57:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/01/25 16:57:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/25 16:57:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/01/25 16:57:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/25 16:57:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/25 16:57:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/25 16:57:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/25 16:57:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/25 16:57:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/25 16:57:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/01/25 16:57:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/25 16:57:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/25 16:57:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/01/25 16:57:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/01/25 16:57:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/25 16:57:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/25 16:57:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/01/25 16:57:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/01/25 16:57:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/25 16:57:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/25 16:57:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/01/25 16:57:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/01/25 16:56:47 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/01/25 16:43:34 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{3934DCD2-9A0C-4A0F-96B5-3161B4B7EF4B}
[2013/01/23 21:35:35 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Roaming\Malwarebytes
[2013/01/23 21:35:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/01/23 21:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/23 21:35:02 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\Programs
[2013/01/23 21:29:40 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{964B21FF-3AF2-4DB4-AF43-4A75CC323E6E}
[2013/01/22 20:13:42 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{791877E5-3AF1-4A01-98F5-B7033BE57106}
[2013/01/21 21:09:25 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/01/21 21:07:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/21 21:07:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/21 20:29:32 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{42D6E040-927D-47AD-8841-F3DD26E6D0A9}
[2013/01/21 19:54:11 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{E064F5D4-0514-44A6-9021-B10ABF98AE19}
[2013/01/21 06:56:30 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{70D7F539-2B66-4726-889A-30CDF433E3D9}
[2013/01/20 16:55:11 | 000,000,000 | ---D | C] -- C:\Users\Penny\Documents\My Games
[2013/01/20 14:54:31 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{9FBA1788-5328-40A9-9A31-F90C14134128}
[2013/01/19 21:26:36 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\Diagnostics
[2013/01/19 13:42:16 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{C6837B6C-28CE-4A23-B7EA-B47CCFC6EF33}
[2013/01/18 12:25:48 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\UberLauncher
[2013/01/13 17:18:09 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMHLA.DLL
[2013/01/13 17:14:47 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{2503582D-76BB-4F45-A7EE-04FFD2310884}
[2013/01/13 09:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Bohemia Interactive Studio
[2013/01/07 21:18:07 | 000,000,000 | ---D | C] -- C:\Users\Penny\Documents\EA Games
[2013/01/07 21:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2013/01/07 21:17:41 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2013/01/06 10:06:03 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{73B539B4-E236-4FB3-B770-F7445AEB5110}
[2013/01/01 21:31:33 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
[2013/01/01 21:31:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 1.6
[2013/01/01 13:39:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/12/31 09:12:56 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{4563C9FC-8FC9-46D6-89A5-7EA28AA0C5B5}
[2012/12/30 20:25:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
[2012/12/30 20:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2012/12/30 20:25:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PopCap Games
[2012/12/29 21:26:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/12/29 08:18:04 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{1481150F-FF1D-4F27-B0A6-27EC490B5E5B}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/26 11:41:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/26 11:39:18 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/26 11:38:02 | 000,000,632 | RHS- | M] () -- C:\Users\Penny\ntuser.pol
[2013/01/26 11:37:57 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro64 startups.job
[2013/01/26 11:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/26 11:03:00 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\RGames Updater.job
[2013/01/26 08:58:00 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/26 08:58:00 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/26 08:38:34 | 000,417,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/26 08:38:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/26 08:37:42 | 3046,805,504 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/25 22:15:38 | 000,804,224 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/25 22:15:38 | 000,681,660 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/25 22:15:38 | 000,130,236 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/25 22:15:32 | 000,804,224 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/25 20:59:00 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013/01/25 20:39:34 | 000,002,257 | ---- | M] () -- C:\Users\Penny\Desktop\Google Chrome.lnk
[2013/01/21 21:25:41 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/21 21:25:41 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/20 09:54:13 | 000,828,671 | ---- | M] () -- C:\Users\Penny\AppData\Local\Tempmusic.ogg
[2013/01/12 19:32:37 | 331,647,579 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/01/07 21:17:43 | 000,000,949 | ---- | M] () -- C:\Users\Penny\Desktop\Ultima Online Classic Client.lnk
[2013/01/02 17:28:51 | 000,002,856 | ---- | M] () -- C:\{C88928C1-05D5-4AC6-A2AF-CC0EED284DCF}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/07 21:17:43 | 000,000,949 | ---- | C] () -- C:\Users\Penny\Desktop\Ultima Online Classic Client.lnk
[2013/01/02 17:28:50 | 000,002,856 | ---- | C] () -- C:\{C88928C1-05D5-4AC6-A2AF-CC0EED284DCF}
[2013/01/01 13:39:06 | 331,647,579 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/11/12 13:31:41 | 000,828,671 | ---- | C] () -- C:\Users\Penny\AppData\Local\Tempmusic.ogg
[2012/09/16 10:43:38 | 000,000,063 | ---- | C] () -- C:\Windows\wininit.ini
[2012/09/11 18:49:57 | 000,033,958 | ---- | C] () -- C:\ProgramData\uninstaller.exe
[2012/09/08 20:45:34 | 000,000,093 | ---- | C] () -- C:\Users\Penny\AppData\Local\fusioncache.dat
[2012/09/08 06:13:46 | 000,021,036 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/09/08 06:13:46 | 000,015,132 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/09/08 06:13:46 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/09/01 14:20:46 | 000,860,211 | --S- | C] () -- C:\Windows\SysWow64\XSIFtk-3.6.2.1.dll
[2012/08/11 19:46:54 | 000,000,071 | ---- | C] () -- C:\Windows\ENX230.ini
[2012/08/07 13:49:20 | 004,608,000 | ---- | C] () -- C:\ProgramData\ReadOnlyInstaller.msi
[2012/01/21 21:22:34 | 000,804,224 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/05 17:10:01 | 000,000,632 | RHS- | C] () -- C:\Users\Penny\ntuser.pol
[2011/10/25 07:47:06 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011/07/26 15:20:38 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/26 15:14:32 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/07/26 14:50:58 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/05/08 22:28:03 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/08 22:27:56 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/25 18:51:25 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\.minecraft
[2013/01/25 18:56:47 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\.techniclauncher
[2012/01/05 18:41:52 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\ASUS WebStorage
[2012/09/13 18:48:57 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Atari
[2012/08/26 20:28:47 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Awesomium
[2012/08/11 22:17:56 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Epson
[2012/09/08 15:27:25 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Exent Technologies
[2012/10/07 16:42:04 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Firefly Studios
[2012/04/01 10:18:34 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Hi-Rez Studios
[2012/09/08 07:46:10 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Iminent
[2012/08/11 08:04:50 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\IObit
[2012/06/26 18:21:08 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\LOVE
[2012/02/06 17:45:15 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\NationRed
[2012/11/24 14:44:11 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Play withSIX
[2012/12/14 16:49:09 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Pokémon Trading Card Game Online
[2012/03/19 19:13:28 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\RotMG.Production
[2011/10/21 23:41:00 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\SkyBlock2.1
[2012/04/12 19:40:33 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Unity
[2012/11/25 11:33:55 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\WeatherBug
[2013/01/22 19:38:15 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013/01/22 19:38:15 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2012/01/05 20:41:44 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\.minecraft
[2012/08/11 09:30:07 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\.minecraft
[2011/12/26 08:54:18 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\ASUS WebStorage
[2012/08/12 12:34:58 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Epson
[2012/12/02 15:50:32 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Free Media Pack
[2012/09/09 12:01:42 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Garmin
[2012/10/05 20:01:06 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\ijjigame
[2012/08/12 13:15:52 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\IObit
[2012/04/01 17:43:30 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\JawboneUpdater
[2012/08/11 20:05:36 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Leadertech
[2012/09/08 20:46:39 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Media Get LLC
[2012/09/16 10:27:54 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\NeopleLauncherDFO
[2011/12/25 10:38:27 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Nuance
[2013/01/25 17:02:24 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\ParetoLogic
[2012/11/21 09:37:47 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\six-updater
[2012/07/22 17:52:22 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\six-zsync
[2012/02/04 11:19:23 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\TaxCut
[2012/08/11 12:35:56 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\TeamViewer
[2011/12/25 10:38:24 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Zeon

========== Purity Check ==========



< End of report >
Perkypen
Regular Member
 
Posts: 180
Joined: February 9th, 2005, 12:07 pm
Location: Catawba, NC

Re: Firefox locking up.

Unread postby Perkypen » January 26th, 2013, 5:27 pm

OTL Extras logfile created on: 1/26/2013 12:00:46 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Penny\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.78 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 44.31% Memory free
7.57 Gb Paging File | 5.11 Gb Available in Paging File | 67.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 440.76 Gb Total Space | 174.72 Gb Free Space | 39.64% Space Free | Partition Type: NTFS

Computer Name: PENNY-PC | User Name: Penny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0082F1AD-59F0-49BC-A2B9-16EA3CD9F5EE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{07ABD2C1-B7B9-44DC-83F6-6A05CBA1397D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D753FF3-5272-4F19-BBF5-67DCD40E74F3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{121BF8BE-18E6-40F9-B0D0-1FBF96E075CD}" = lport=139 | protocol=6 | dir=in | app=system |
"{15ACD661-2DCE-4523-9B7C-3F0198696E6F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1A165FF4-80F7-488F-A0ED-2A89D740AF12}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1A2218D6-D399-404A-B871-17EBB392804A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1C4807E7-3B1A-42AA-822C-D86791CFA425}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1C5B95D3-2875-4D16-A746-34061B8EC0AD}" = rport=137 | protocol=17 | dir=out | app=system |
"{2CE2C232-DEBE-48D9-BAB6-AFF70DA911C3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{32CA6032-93C4-4472-A793-FC6A795651DE}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{34C2DA0E-5D31-4732-A096-C87DB1C601ED}" = lport=138 | protocol=17 | dir=in | app=system |
"{369DD98B-621E-45E5-B284-5E74F2F973FD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{62D0CA9E-FBDB-49FB-A3D8-1165CCC4CFF2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{67885200-6359-4EC0-BEA7-963D10F184CB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{71DA593C-C9E3-468F-9937-7BC4149B5376}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{75D3ABDB-AC37-4425-A399-1C4D806B00EE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82D54DA1-AD3C-42FE-B7D6-60DC238BC6F3}" = rport=138 | protocol=17 | dir=out | app=system |
"{86315A17-DE80-44ED-9DB5-8C8C466070A4}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{8C843F08-4535-464C-9419-4C963CBE1CAB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9EAA397A-8F0E-403A-93E3-1948856D46AF}" = rport=445 | protocol=6 | dir=out | app=system |
"{C6D80655-A6AA-469D-BE9D-D05378AD35E6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{DDD42333-50AC-464D-A0C1-85558D9CE751}" = lport=137 | protocol=17 | dir=in | app=system |
"{DF09397C-1F22-4FC4-9239-2864E7178703}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF44B65C-BF2C-4D2A-B298-9D74C3C18C06}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{E5B6AA0D-B960-4C23-B91C-5A1A7A42F5C4}" = rport=139 | protocol=6 | dir=out | app=system |
"{EF3132F1-5F94-46CF-B47B-B7E448231EE8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F1730D0B-4A9F-4A8A-BD95-BA6C9C03F79E}" = lport=445 | protocol=6 | dir=in | app=system |
"{F99516EF-8400-4E92-8148-74B88F6D7EAE}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01BB222F-7A6A-4209-B27F-D1DF00BE2BF9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{02B07344-4438-4115-8013-544AAC135112}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supercratebox\supercratebox.exe |
"{02F3A5CF-1240-49A8-810D-95203534F8E1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{045BA665-9D13-4DE5-A9CA-90EFAD5310F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{053F097C-10D0-4430-B636-DC9D0EE0D883}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{05AC3FB4-570F-462E-A447-C8E4B995BFB8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0918E3CF-5B32-4792-9934-F9846FF61318}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gamemaker_studio\gamemakerplayer.exe |
"{0AE874FF-C73C-4B63-A038-A8C006A2DF0A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{0BC9FCFA-F95A-42F0-B77A-60897040DA58}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bully scholarship edition\bully.exe |
"{0BF786EA-9222-4F81-AB29-92E6A036968E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{10182CBD-1194-47FC-81D4-A019DFD7F557}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gamemaker_studio\gamemakerplayer.exe |
"{15B7A7F4-F881-4205-B29F-463BCE1A3B1D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maplestory\nxsteam.exe |
"{1BD088B5-DAFD-4095-8512-E51FF9C27B79}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{1D4A35A1-5245-4CFD-8469-4092839B4BDC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{1DD8F9B1-A78F-4808-BBB9-15FE1A08174B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{1E6483A1-5EEC-4AA6-9799-A9D0CB3A2C30}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third - initiation station\initiationstation.exe |
"{21C25057-368E-48A8-A458-98671B1E8158}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dfo\nxsteam.exe |
"{24AB0A31-F44B-46D6-91CF-9B3039A542EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\uberlauncher.exe |
"{25392525-5463-48AF-ADEF-E2C392222D57}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{258BF884-DC9B-4FFC-A5BF-50CF14338248}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dfo\nxsteam.exe |
"{25E2C0BA-16EC-47B2-95A7-88C53966FAD6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause demo\justcausedemo.exe |
"{26E686CC-4A7B-4782-AAB9-1BA9BD0530D5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{2832F26C-357C-422D-BB27-9CFA7190AA45}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{28F28454-57A8-4C65-98A2-6D4C354222CA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2 demo\bin\sniperelitev2demo.exe |
"{2A916921-4DD2-4690-B450-546FA32B02C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\counter-strike source\hl2.exe |
"{2B0A300F-2FA9-4EE6-98F0-44D93A1F0EB4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2CDF6F34-6A07-45A6-80F2-34D39444D721}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogs\hkship.exe |
"{2D7D4780-0B9E-4A3F-9A81-03B78EA68874}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe |
"{2FCDD421-C552-485B-8482-4158B86AF690}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{30517FA7-6F28-4516-B0EE-52982E8D91A5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{308714A5-A7BC-42FF-BE00-8DC824AF0ECA}" = protocol=6 | dir=in | app=e:\common\epsonnet setup\eneasyapp.exe |
"{320FC8FB-33D3-4E69-BA2A-2146A542EC40}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{328E5D2D-5EA8-4E7E-999F-9F14C21ECE13}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2 demo\bin\sniperelitev2demo.exe |
"{343436C9-FECA-49D5-B542-4D9B8D23AE71}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{3713DD01-E0C1-40F8-B605-268E3A2E1EDD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{38519B1A-8CA9-46F0-877F-0C69387A7874}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{38E02D95-5242-4C7F-9AA3-FBE1688F7F83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\turbineinvoker.exe |
"{3A397540-2C9D-4FAF-B037-18E630AF174D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\counter-strike source\hl2.exe |
"{3AC61F3F-B153-4947-9F94-E9D515BB6EFA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{3C047124-53D4-418C-A1BB-D05444C5B0AF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supercratebox\supercratebox.exe |
"{3CDA63F4-5BDB-4E54-91AF-4FCC10FFEF26}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{3D0822CC-3DF5-49BA-B284-FA5B147F019A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{3E6C4384-5086-49E7-8D93-7598471D35BD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{3E97319F-5D95-4BAC-9B75-6E8D13847316}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ava\reactor.exe |
"{3F5A4837-BABC-4AA7-A80F-21863FA3952C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold kingdoms\strongholdkingdoms.exe |
"{3F9731DC-02B6-4DA4-BAF9-9592152A7434}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe |
"{42C27510-7657-460A-B648-279C3BA55EDF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{437D722D-CFD2-45F8-81DD-4CCB36B657A7}" = protocol=17 | dir=in | app=e:\common\epsonnet setup\eneasyapp.exe |
"{4674B10C-6044-491D-91BA-3A5A1B7B967E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third - initiation station\initiationstation.exe |
"{4728655F-F62E-4890-9EC5-C815A298B3E4}" = protocol=17 | dir=in | app=c:\program files (x86)\jawbone\jawboneupdater.exe |
"{4845F737-A8A6-4842-963A-2AAD5237A0AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gamemaker_studio\gamemakerplayer.exe |
"{487AFA8B-7B6D-4AAE-AD70-4BEA5A362652}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{49989F4B-D464-4112-87A6-43812A0A7622}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{4A562DB9-5FE4-485E-841C-9D76C59C28E0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{4B7F247C-096E-4369-A8D4-F67B743777E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\turbineinvoker.exe |
"{4C9A287F-DDB5-4CEB-B03A-4DA99CD5853B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{4F0BDFF2-A024-4DA2-8B4A-0D41C14309E3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FC83DDD-B5E1-4068-9A23-035E4AD5AE18}" = protocol=6 | dir=out | app=system |
"{506A9BF1-6317-433B-A74E-2132BD3AE6A4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{508B5B68-00AC-4501-A8AF-8B6CDE8A1FA6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{519EFD33-A8F8-44C7-A069-A70FF29A6234}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe |
"{52526AC3-BB1A-44EC-B9FA-D02236851E72}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{52756C02-F912-4FD7-9AA5-87A34ABD40AD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{5378750C-C40B-40ED-A19F-8B7CA59F174D}" = protocol=17 | dir=in | app=e:\common\epsonnet setup\eneasyapp.exe |
"{53FF6420-9AE9-4142-8F6B-1FF62277A798}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold kingdoms\strongholdkingdoms.exe |
"{571A0DA1-7F24-473D-95C9-B6F5DCDFFC69}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic the gathering tactics\launchpad.exe |
"{5971A864-7E89-459D-BA22-C05167DB9B2E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{599034C0-47E2-475C-B480-5FEA437CFBF8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\garrysmod\hl2.exe |
"{608830E3-4525-4707-A65E-AAC451132372}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause demo\jcsetup.exe |
"{60C9F0E7-A8FE-4C0B-8706-64FB5451A9FE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{640BAEE5-6810-49C6-8A1F-A813F07359FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dfo\nxsteam.exe |
"{64A1090E-C962-426D-883F-1B808FA6335B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{64CB5FAB-ABE8-404D-B52E-EC17CB15DE33}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{654DF119-F063-4290-82E9-3C58012B1F80}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maplestory\nxsteam.exe |
"{6882B897-BCF1-49AB-BF5C-1D4C8CC0F2B6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\counter-strike source\hl2.exe |
"{693CC688-2030-4B8D-A254-FC935783D787}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{6BD18D8E-D873-4C60-97F8-804B1114818C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6CA77C60-4E59-4A65-9415-5A21A7A83EF9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{6D12E226-A3AC-4562-BCE3-6507EF590505}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{6FE467AF-EEE1-4FA1-8AA7-11E66B5321D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\garrysmod\hl2.exe |
"{70617889-BA69-477F-ADA0-0844174848EF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{70B540A2-1306-4034-AFE1-517CF964703A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem forever\system\dukeforever.exe |
"{74F2BCE1-A664-4704-8858-595F947C6969}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{767AD04D-DEDC-44CF-A8A1-8261D4FE520E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{769DE5B8-C3D0-4687-A23B-5619E270FA1D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{76ED6144-E1CD-42C4-8684-0610C7D19E18}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{773BE54C-D6C9-4C40-8CD8-E93592B0EDEA}" = protocol=6 | dir=in | app=c:\program files (x86)\jawbone\jawboneupdater.exe |
"{77635588-9DE5-40FE-BF89-E1C6821F5DC2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem forever\system\dukeforever.exe |
"{778596A1-6F82-46E0-90F6-92ACFB8C8AA4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maplestory\nxsteam.exe |
"{7804B91E-F10D-473C-81CA-D976F0414192}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe |
"{791077C2-119B-483E-ACC9-A0ED846C0768}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{79FC93B9-48E4-4A54-9357-E3751CEE1A42}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{7B695840-0AC7-4964-A19E-A45808B3C48C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{7CAE7A20-9EA6-401D-8E3B-134D3C4E7451}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D1AA76D-D01D-4AAB-850D-EB4BDE4827DA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dfo\nxsteam.exe |
"{7D6EB02A-4EC7-4245-B66B-4F03F9003E3F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\counterstrike source beta\hl2.exe |
"{811FB8A6-8B1F-48FB-B563-FC1E9FAE1215}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{8777A1A6-D132-4F71-A723-1FA7786C57D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe |
"{88037A1F-1BD6-46F1-8AA3-2E3BE9E122CD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic the gathering tactics\launchpad.exe |
"{8A92CE7E-8F69-4670-8574-771DC6698F0C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ava\reactor.exe |
"{8B30F043-FDEC-4AA9-A158-BE3F56D8D8AD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogsdemo\hkship.exe |
"{8D03E92B-4B7C-44B4-AF70-A6A9CB1DFDA1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{8D87E0FE-0988-4935-84A8-3A62556F3D64}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\garrysmod\hl2.exe |
"{8ED6A9F3-4780-43C1-8198-910454222BEF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogsdemo\hkship.exe |
"{90E62F86-9EA4-486F-991C-1AAD4CE12F55}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem forever\system\dukeforever.exe |
"{90E94C3A-5159-44BE-A429-FF08E3346AEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{975445DF-0224-4E02-AD70-9702376111CB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{98E1BC26-85EF-4C15-8F6E-368486FF441D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gamemaker_studio\gamemakerplayer.exe |
"{99BCD69E-30F5-4DD0-91E9-A83275392677}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third - initiation station\initiationstation.exe |
"{9BE86217-3460-4A87-9544-FFC4149A2615}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause demo\justcausedemo.exe |
"{9FBE298A-CFB0-497D-840F-54662F64F6B7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A27366E6-A795-4171-AE71-5EE310A83BF4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\launcher.exe |
"{A29FC8F0-1BE8-4E2C-BAAA-C6BF97A428C0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{A30C24A9-9E23-4F05-9AF2-4CC9F2ECB24A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A4D6A86C-C288-48A8-B171-C2BBAECDCEEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A72B8C66-BE7B-40D5-8E0E-8759754484B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maplestory\nxsteam.exe |
"{A756E29B-CEDB-4E62-B38A-557307DED7F8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\intrusion 2\intrusion2.exe |
"{A91205EB-7358-47F4-9F65-6610AA56001B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{ACE961DC-6C7E-4CBA-A609-659C4AF52370}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe |
"{AFC67076-1385-453D-AF5C-60E36CFA1563}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe |
"{B132E7E4-C652-4FD8-8083-2F3A985AAFAA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{B18661A5-588E-4BC7-8715-BF99F60CCC6B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{B2D7A1BC-C83B-48BA-8C86-DBB14E7C166A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{B3C3BB09-8B8C-4CB8-BB59-4C71E3C66E47}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B594B026-E770-44BE-80BE-5CD09380A00B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B5D74278-E66F-4D65-9E63-DCA188F62DA9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{B66477E3-DC43-4DF2-BCF9-0866305E360E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem forever\system\dukeforever.exe |
"{B8E4DA17-2712-4624-994F-6B6E3A1682D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogs\hkship.exe |
"{B99B7405-E438-439D-83AE-8ABC2DC64F47}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{BCBA15CA-0969-46F7-A29E-5EE91AD202AE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{BE9E044E-FC52-4E2C-856B-A24724CEC783}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\intrusion 2\intrusion2.exe |
"{C2C3D9B9-AE16-4431-A290-CC544DE1932E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe |
"{C33CCBE8-BEF4-41F2-B726-7B565AEBB884}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{C4769E25-37B8-4176-962E-BF8508250AA5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{C5E78B2B-B00C-46CE-878A-F65CA6A1DBF6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{C64D5B70-7B2A-4F86-9929-7AD945892011}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{C651E919-0B50-442D-B2BD-99A51AE309BB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{C66CAA67-4F13-4B71-A08C-1645B0513CCF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{C69DC940-E96A-4ECD-B169-ACBA69C6C6C6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\uberlauncher.exe |
"{C982BA05-4AF0-41C7-8B74-733D4858548C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third - initiation station\initiationstation.exe |
"{CC0EE09B-BC19-4250-A534-C1A9C24B68DF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\garrysmod\hl2.exe |
"{CC5C5C1C-3044-4E31-9FA2-C6AC7434C596}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bully scholarship edition\bully.exe |
"{CE89A4BA-178C-4126-A4A0-CFACEA0C1D95}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{D105D3BA-A39B-43B5-83F4-2C760D49CD06}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D113598F-A224-435A-9485-3A53B6A716E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D36DCF5C-3848-49FB-B903-014684DA87CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{D7AE4312-E0D3-4C45-B425-2267D5520468}" = protocol=6 | dir=in | app=e:\common\epsonnet setup\eneasyapp.exe |
"{D96AA791-0DB4-4A0D-92AA-2024520195A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{DB6E9EC3-874A-4213-B9CB-2A95FE7A4C73}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DC1833A4-DFA1-4182-A68C-BFA36A85B3A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DD7CD2CA-5991-4053-9F8C-30CECDA2ED3B}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{E049FF5F-01A1-47C4-8C42-EE45DC63D00A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause demo\jcsetup.exe |
"{E17F5B4D-8031-4282-B9F0-423C28607CA4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\counterstrike source beta\hl2.exe |
"{E255781A-424B-478F-BE84-C70C0C79544A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E37285A8-63BC-4EEE-A11D-8DED831C711B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E3AE81A8-2969-4DF6-A50D-1514216F7BB1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E542AB76-3EA9-4261-9DAC-064E101E5458}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E6B0EF51-00A0-4BC8-8249-D6D366A96D6E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E98B756B-A014-45DB-BB24-1DE27B6912FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\launcher.exe |
"{EC161E53-B26A-451E-97B9-2BC1CB0D1F3A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F285D7E2-516D-47BA-B16F-425109F46188}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{F3991C6C-F84C-4C1E-92E2-F37462708EC3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F4BC0100-EA71-44F6-B0A8-ED0ABBDC3C8F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\counter-strike source\hl2.exe |
"{FA400044-0200-4F4A-BA4A-4CA6FE3C5B2E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{FA74A5EE-40D4-4B3E-BA53-B109C71480A1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{FAF58579-C55F-49EC-B854-ED95163DD195}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{FF80BD3A-FE9E-4624-8CF2-90B75D66E6B2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"TCP Query User{31830F24-1673-4906-BE74-DDE9A9029F28}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{3390880F-E1D1-42A8-9E34-4CD9761C7F76}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"TCP Query User{359906F9-8CC7-432F-B617-9CA2C6500665}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{3CB5C08E-CAA9-49CB-B26A-A0740E1796B2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"TCP Query User{3FEB676D-AF37-43C4-A187-3D1B4BBEFB29}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{46EDF288-57C5-4F42-9AA7-B0EB0716E438}C:\program files (x86)\steam\steamapps\awesomeash1\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\team fortress 2\hl2.exe |
"TCP Query User{4AF07DA0-2022-4656-B975-09BC72852FD5}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"TCP Query User{586469EF-6837-43CF-B6F3-9E74E4BD7CE8}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{5C79B191-264E-4FA0-9119-38F77E4F41FC}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{6AB18BD7-1DCB-4936-8880-714448B06BC8}C:\program files (x86)\steam\steamapps\awesomeash1\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\team fortress 2\hl2.exe |
"TCP Query User{6FC44C48-6E5C-4AC1-AE08-A2039371DBEB}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{761411DC-8F06-41E0-A5DD-87D1149FFB67}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{7767C916-F004-43CF-9CD4-2A9BD76E434F}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{7E4265AB-6C9B-40F4-83EC-6B48A74BBAF2}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{99A7F4B6-038F-4DAA-B75C-ED34BCBA52F5}C:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe |
"TCP Query User{A0F2C8DE-4DD0-43DC-B64A-A3053B9A80FD}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{A6D12210-7223-4112-B26E-F8F1C339AE60}C:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"TCP Query User{AB774569-EEC4-4B02-B5CF-D61B98BE2394}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe |
"TCP Query User{B8CA669D-E0B0-4584-8E50-5E1354BCCAB0}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{C1578DDC-EF57-41EB-99E7-945055FD9643}C:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"TCP Query User{C3299069-FB6A-479C-A570-A87ADFE44A98}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{C4FB3FA0-1277-4F37-A600-85FBB0A5003F}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"TCP Query User{E6EB8BEA-E9A6-41C3-B82E-B733FEA1467B}C:\users\penny\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\penny\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{EEDEBDF4-50EA-4619-A577-9DA188C7CAD2}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{FFF394BD-4369-499C-8185-3FD6B09F9D4B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{01A25B61-6497-47EC-A878-C7CA4CAD548C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{0A08C216-25E7-4776-8ACC-64B048DCCB58}C:\program files (x86)\steam\steamapps\awesomeash1\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\team fortress 2\hl2.exe |
"UDP Query User{0D8E86A4-AA63-4AA7-9057-A7F60AC55552}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"UDP Query User{0EDDE717-E0EC-43DC-B5D4-3D302D92DDF0}C:\program files (x86)\steam\steamapps\awesomeash1\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\awesomeash1\team fortress 2\hl2.exe |
"UDP Query User{0FB5ED6A-CFE3-4ADD-A2B4-6AB8A8651DC0}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{12105038-3FEA-4930-A5BF-641717A51883}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"UDP Query User{26D1DFD4-D89E-4C04-BB9E-F0170A26E800}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{39EB655C-0388-472D-949C-AF39E7FBC91C}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{4B7564BC-00EA-4534-8279-FCE4BC2BAED7}C:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"UDP Query User{4BB87950-2483-4E0F-9E39-B07982F60D73}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{56B7766A-FF65-4D53-878D-8C2FC8F565A1}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe |
"UDP Query User{5F9219C2-AD85-4A0D-9591-3E9AAE904E60}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{6E5324A6-9853-4414-9D5E-5D981D487548}C:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"UDP Query User{71DA61EA-22A7-43BE-A1E7-6C0EBCF08411}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{8ED95C4B-94BC-415E-A62B-C95FBFFE894B}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{934B6A89-5B48-4309-A790-168ECF50C96C}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{96AC8026-03A0-4A31-8E6D-6A0152603119}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{96DEAB0A-DF85-48FC-B643-76E228A36DE8}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{9E40E9C4-3A3F-42B8-B7AF-EF819E0ECF5F}C:\users\penny\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\penny\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{A73A28EF-C408-4070-8C31-3DE0A152E746}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"UDP Query User{C8EAF1C8-93A7-4AB0-88B6-06E5F5A33A47}C:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe |
"UDP Query User{D66B2409-DCF2-4AD2-97E7-8A9628DCE457}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{DAAB352D-E2DC-4BBF-9E11-D99A416A6AC0}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{FA8BF57B-AF8E-4388-AA90-F6926418C10F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{FC05F21A-A174-49ED-A55F-0CAE08A6CE61}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{02E5BCCA-317C-418F-9E06-42526E050829}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{698EAE05-09DE-47D0-9586-29E41A0934DD}" = Windows Live Family Safety
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8832CAA2-4934-4916-A8BF-A9A51C6B58B3}" = Windows Live Family Safety
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
"{C61D639C-3A1B-4654-901F-08927C804321}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 8.0.5.1_WHQL
"EPSON NX230 Series" = EPSON NX230 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3544DED1-07DB-40C0-98F3-435A6DA195C7}" = Google SketchUp 8
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4221094E-82B8-43C4-94F4-A6760FC1842A}" = H&R Block Premium + Efile + State 2011
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{524AC636-ADC4-4E42-B149-D0B6B5F4D24A}" = Garmin BaseCamp
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5dfd64a7-81dd-45a9-9874-1fe13b7f4d56}_is1" = PinPhotoZoom
"{5EECEB40-3EE2-4762-872D-264346A26B84}_is1" = Rubber Ninjas Demo 1.05
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}" = InstallIQ Updater
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{916B2871-EB8A-4744-8880-AE0019823835}" = H&R Block North Carolina 2011
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D81F39D4-FDA9-4356-92B1-16081D8BF71A}" = Pokémon Trading Card Game Online
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E77FE33E-DD32-4916-8728-F7757EEECB5F}" = Play withSIX
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5575DD6-8112-45A6-8FFA-C7249C3D8E1F}" = ASPCA Reminder by We-Care.com v4.1.19.1
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.07.01.8015
"7-zip" = 7-zip v9.20
"8BF93FA7EFE844559C46F20AB44C5004_is1" = Free Media Pack version 1.7
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"AsusScr_K3 Series_ENG" = AsusScr_K3 Series_ENG
"BattlEye for OA" = BattlEye for OA Uninstall
"BLACKSHADES" = Black Shades (remove only)
"Blockade Runner0.71.0c" = Blockade Runner
"Cisco Connect" = Cisco Connect
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"Hard Time" = Hard Time
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Jawbone Updater" = Jawbone Updater
"LAGARITH" = Lagarith lossless video codec (Remove Only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 15.0 (x86 en-US)" = Mozilla Firefox 15.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NaturalMotion endorphin_is1" = NaturalMotion endorphin 2.7.1
"NAV" = Norton AntiVirus
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Protected Search_is1" = Protected Search 1.1
"Steam App 102700" = Alliance of Valiant Arms
"Steam App 104700" = Super Monday Night Combat
"Steam App 105600" = Terraria
"Steam App 113420" = Fallen Earth
"Steam App 12200" = Bully: Scholarship Edition
"Steam App 17080" = Tribes: Ascend
"Steam App 201190" = Magic: The Gathering – Tactics
"Steam App 202170" = Sleeping Dogs™
"Steam App 210470" = Sniper Elite V2 Demo
"Steam App 212500" = The Lord of the Rings Online™
"Steam App 212680" = FTL: Faster Than Light
"Steam App 214850" = GameMaker: Studio
"Steam App 214970" = Intrusion 2
"Steam App 218230" = PlanetSide 2
"Steam App 219540" = ARMA 2: Operation Arrowhead Beta
"Steam App 240" = Counter-Strike: Source
"Steam App 24240" = PAYDAY: The Heist
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 33900" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 35110" = Just Cause 2 Demo
"Steam App 4000" = Garry's Mod
"Steam App 4010" = Garry's Mod 13 Beta
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 47410" = Stronghold Kingdoms
"Steam App 55230" = Saints Row: The Third
"Steam App 55370" = Saints Row: The Third - Initiation Station
"Steam App 57900" = Duke Nukem Forever
"Steam App 620" = Portal 2
"Steam App 65800" = Dungeon Defenders
"Steam App 6930" = Just Cause Demo
"Steam App 730" = Counter-Strike: Global Offensive
"TmNationsForever_is1" = TmNationsForever
"Ultima Online Classic" = Ultima Online Classic Client
"VLC media player" = VLC media player 2.0.0
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for Allen
"FoxTab PDF Creator" = FoxTab PDF Creator
"RivalGaming" = RivalGaming
"SOE-Clone Wars" = Clone Wars
"SOE-Free Realms" = Free Realms
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/26/2013 5:12:28 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13488923

Error - 1/26/2013 5:12:29 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/26/2013 5:12:29 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13489922

Error - 1/26/2013 5:12:29 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13489922

Error - 1/26/2013 5:12:30 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/26/2013 5:12:30 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13490920

Error - 1/26/2013 5:12:30 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13490920

Error - 1/26/2013 5:12:31 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/26/2013 5:12:31 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13491918

Error - 1/26/2013 5:12:31 PM | Computer Name = Penny-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13491918

[ System Events ]
Error - 1/25/2013 10:10:42 PM | Computer Name = Penny-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 1/26/2013 9:44:17 AM | Computer Name = Penny-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Defender service hung on starting.

Error - 1/26/2013 9:46:42 AM | Computer Name = Penny-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 1/26/2013 9:48:43 AM | Computer Name = Penny-PC | Source = Service Control Manager | ID = 7022
Description = The Intel(R) Management and Security Application User Notification
Service service hung on starting.


< End of report >
Perkypen
Regular Member
 
Posts: 180
Joined: February 9th, 2005, 12:07 pm
Location: Catawba, NC

Re: Firefox locking up.

Unread postby askey127 » January 27th, 2013, 8:22 am

perkypen,
Microsoft Office Plus is a business program. Where did you get it?
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

Java 7 Update 7 (64-bit)

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
  • In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
    Code: Select all
    :Commands
    [CREATERESTOREPOINT]
    :OTL
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=axl&ch ... =156910436
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q= {searchTerms}
    IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE - HKLM\..\SearchScopes\{7F7F418D-377B-71D0-9040-0B6F8134CAE0}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q= {searchTerms}
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylon.com/?affID=110790 ... 2f6866a66b
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\URLSearchHook: {9d0f7eb2-452d-4766-b535-8d23e36c300e} - No CLSID value found
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\SearchScopes\{7F7F418D-377B-71D0-9040-0B6F8134CAE0}: "URL" = http://search.babylon.com/?q= {searchTerms}&affID=110790&tt=3612_8&babsrc=SP_ss&mntrId=2484ebdd000000000000742f6866a66b
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\SearchScopes\{C2DEED75-7FDC-4C6B-A115-333EC3EB00FE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q= {searchTerms}&SearchSource=4&ctid=CT3237160
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\URLSearchHook: {9d0f7eb2-452d-4766-b535-8d23e36c300e} - No CLSID value found
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes,BrowserMngrDefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q= {searchTerms}&affID=110795&tt=3512_1&babsrc=SP_ss&mntrId=2484ebdd000000000000742f6866a66b
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/mdickie/ {8A43B5A1-FC00-4FF7-BB7E-A3BC0785E122}?q={searchTerms}
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q= {searchTerms}
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q= {searchTerms}
    IE - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\SearchScopes\{C2DEED75-7FDC-4C6B-A115-333EC3EB00FE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q= {searchTerms}&SearchSource=4&ctid=CT3237160
    CHR - default_search_provider: search_url = http://start.funmoods.com/results.php?f=4&q= {searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzzyCyC0AyCyC0B0E0B0D0DtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=156910436
    CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_0\BabylonChromeToolBar.dll
    CHR - plugin: Wajam (Enabled) = C:\Users\Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
    O3 - HKU\S-1-5-21-2404180575-613936789-2187745631-1000\..\Toolbar\WebBrowser: (no name) - {9D0F7EB2-452D-4766-B535-8D23E36C300E} - No CLSID value found.
    O3 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
    O3 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003\..\Toolbar\WebBrowser: (no name) - {9D0F7EB2-452D-4766-B535-8D23E36C300E} - No CLSID value found.
    O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
    O4 - HKU\S-1-5-21-2404180575-613936789-2187745631-1003..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1 File not found
    :Reg
    [-HKEY_CURRENT_USER\Software\cks\mainform]
    :Files
    C:\Windows\tasks\PC Optimizer Pro64 startups.job
    C:\Users\Allen\AppData\Roaming\IObit
    C:\Users\Allen\AppData\Roaming\Iminent
    C:\Users\Allen\AppData\Roaming\WeatherBug
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Default User\AppData\Roaming\IObit
    C:\Users\Penny\AppData\Roaming\IObit
    ipconfig /flushdns /c
    :Commands
    [emptyjava]
    [emptyflash] 
    [EMPTYTEMP]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, and click to allow the Reboot when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • Copy the contents of that file and post it in your next reply.
    The FIX log file will also be available and named by timestamp here: C:\_OTL\Moved Files\mmddyyyy_hhmmss.log

----------------------------------------------
After posting the Resulting log, Please Rescan as follows:
Open OTL again and click the Quick Scan button. Post the new log it produces, OTL.txt, in your next reply.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Firefox locking up.

Unread postby Perkypen » January 27th, 2013, 10:43 am

Microsoft office was provide to us from the college. I was able to download it and give a product key for it.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F7F418D-377B-71D0-9040-0B6F8134CAE0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F7F418D-377B-71D0-9040-0B6F8134CAE0}\ not found.
HKU\S-1-5-21-2404180575-613936789-2187745631-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Backup.Old.Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9d0f7eb2-452d-4766-b535-8d23e36c300e} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d0f7eb2-452d-4766-b535-8d23e36c300e}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7F7F418D-377B-71D0-9040-0B6F8134CAE0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F7F418D-377B-71D0-9040-0B6F8134CAE0}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C2DEED75-7FDC-4C6B-A115-333EC3EB00FE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C2DEED75-7FDC-4C6B-A115-333EC3EB00FE}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d0f7eb2-452d-4766-b535-8d23e36c300e}\ not found.
Unable to set value : HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E!
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\SearchScopes\{C2DEED75-7FDC-4C6B-A115-333EC3EB00FE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C2DEED75-7FDC-4C6B-A115-333EC3EB00FE}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
File C:\Users\Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_0\BabylonChromeToolBar.dll not found.
File C:\Users\Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll not found.
Registry value HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9D0F7EB2-452D-4766-B535-8D23E36C300E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D0F7EB2-452D-4766-B535-8D23E36C300E}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D0F7EB2-452D-4766-B535-8D23E36C300E}\ not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-2404180575-613936789-2187745631-1003\Software\Microsoft\Windows\CurrentVersion\Run not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\cks\mainform\ not found.
========== FILES ==========
C:\Windows\tasks\PC Optimizer Pro64 startups.job moved successfully.
C:\Users\Allen\AppData\Roaming\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Users\Allen\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Users\Allen\AppData\Roaming\IObit folder moved successfully.
C:\Users\Allen\AppData\Roaming\Iminent\Mediator\Datas folder moved successfully.
C:\Users\Allen\AppData\Roaming\Iminent\Mediator folder moved successfully.
C:\Users\Allen\AppData\Roaming\Iminent folder moved successfully.
C:\Users\Allen\AppData\Roaming\WeatherBug folder moved successfully.
C:\Users\Default\AppData\Roaming\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Users\Default\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Users\Default\AppData\Roaming\IObit folder moved successfully.
File\Folder C:\Users\Default User\AppData\Roaming\IObit not found.
C:\Users\Penny\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Penny\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Penny\AppData\Roaming\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Users\Penny\AppData\Roaming\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Users\Penny\AppData\Roaming\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Users\Penny\AppData\Roaming\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Users\Penny\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Users\Penny\AppData\Roaming\IObit folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Penny\Downloads\cmd.bat deleted successfully.
C:\Users\Penny\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Allen
->Java cache emptied: 214303 bytes

User: AppData

User: Default

User: Default User

User: Guest

User: Penny
->Java cache emptied: 31573 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Allen
->Flash cache emptied: 155449 bytes

User: AppData

User: Default
->Flash cache emptied: 56475 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 56990 bytes

User: Penny
->Flash cache emptied: 506 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Allen
->Temp folder emptied: 117583402 bytes
->Temporary Internet Files folder emptied: 263323616 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 66876124 bytes
->Google Chrome cache emptied: 11434393 bytes
->Flash cache emptied: 0 bytes

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 123053 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 11272539 bytes
->Flash cache emptied: 0 bytes

User: Penny
->Temp folder emptied: 14105743 bytes
->Temporary Internet Files folder emptied: 39046419 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 80961121 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 143355666 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50467 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 714.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01272013_093335

Files\Folders moved on Reboot...
C:\Users\Penny\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Penny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Penny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Perkypen
Regular Member
 
Posts: 180
Joined: February 9th, 2005, 12:07 pm
Location: Catawba, NC

Re: Firefox locking up.

Unread postby Perkypen » January 27th, 2013, 11:16 am

OTL logfile created on: 1/27/2013 9:44:20 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Penny\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.78 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 52.03% Memory free
7.57 Gb Paging File | 5.65 Gb Available in Paging File | 74.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 440.76 Gb Total Space | 179.68 Gb Free Space | 40.77% Space Free | Partition Type: NTFS

Computer Name: PENNY-PC | User Name: Penny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/26 11:41:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Penny\Downloads\OTL.exe
PRC - [2013/01/10 21:26:28 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccsvchst.exe
PRC - [2012/01/09 09:09:56 | 001,556,128 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011/12/06 15:21:36 | 000,101,544 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2011/10/25 07:48:07 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/10/18 17:38:26 | 002,319,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011/10/03 11:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011/02/01 15:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 15:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/01/25 13:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/10/12 12:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/10/07 16:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/08/17 16:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/07/10 00:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/26 08:49:37 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/26 08:49:02 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/26 08:48:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/26 08:48:35 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/26 08:48:31 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/26 08:48:17 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/26 08:48:04 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/26 08:47:59 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/26 08:47:57 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/26 08:47:36 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011/12/06 15:21:34 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/11/02 16:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 16:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2007/07/12 10:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/06/09 12:01:00 | 000,555,392 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2011/01/25 16:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2011/01/11 13:00:00 | 000,168,448 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2011/01/11 13:00:00 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/16 18:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/26 22:30:01 | 000,045,056 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/01/22 19:24:01 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/01/21 21:25:42 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/17 08:42:55 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012/11/14 08:44:28 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/09/23 10:54:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe -- (NAV)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/05 07:19:00 | 003,953,632 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/02/01 15:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 15:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/05 21:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 21:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 23:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\ccsetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2012/05/21 20:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/17 21:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 20:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/23 19:15:17 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/26 15:22:48 | 012,288,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/07/25 21:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011/03/18 00:36:18 | 000,074,840 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/31 05:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/23 05:09:42 | 001,103,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 08:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 10:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/14 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/08/24 04:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/04/16 18:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/04 20:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/01/25 16:32:17 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20130126.007\ex64.sys -- (NAVEX15)
DRV - [2013/01/25 16:32:17 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20130126.007\eng64.sys -- (NAVENG)
DRV - [2013/01/24 16:31:08 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20130124.001_572\IDSviA64.sys -- (IDSVia64)
DRV - [2013/01/21 20:33:32 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/01/16 03:22:36 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20130116.013_53b\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/01/06 00:30:41 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/07/26 15:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... ue&tid=592
IE - HKCU\..\SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKCU\..\SearchScopes\{F0D60785-D3CA-4228-9390-AD0087CAA5DB}: "URL" = http://www.mysearchresults.com/search?&c=2636&t=03&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:4.0.4
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.5.1.20121012015120
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPlgn\ [2013/01/25 18:56:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ntfdsaftsfdfdxx@mozilla.org: C:\Users\Penny\AppData\Roaming\Free Media Pack\extension_firefox.xpi [2012/09/08 20:46:14 | 000,049,469 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/25 18:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/25 18:56:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/16 09:50:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Penny\AppData\Roaming\Mozilla\Extensions
[2013/01/25 21:08:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\extensions
[2012/12/02 15:04:04 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/10/20 08:02:08 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/09/27 19:21:51 | 000,003,267 | ---- | M] () -- C:\Users\Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1rdw4rqh.default\searchplugins\Web Search.xml
[2013/01/25 11:36:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/25 18:56:47 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPLGN
[2012/09/23 10:54:24 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/25 11:36:08 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/25 11:36:08 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/09/27 19:21:51 | 000,003,267 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzzyCyC0AyCyC0B0E0B0D0DtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=156910436
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_0\BabylonChromeToolBar.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (PinPhotoZoom) - {4a0c8953-9d4e-4790-b732-2b9fc9ebce05} - C:\Users\Penny\AppData\Roaming\PinPhotoZoom\64\AutocompletePro64.dll File not found
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKCU..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe (Desura Pty Ltd)
O4 - HKCU..\Run: [DW7] C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe (The Weather Channel)
O4 - HKCU..\Run: [Epson Stylus NX230(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLA.EXE /FU "C:\Users\Penny\AppData\Local\Temp\E_S4CD8.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD04AFDA-8EE6-4120-8ADF-7DBB5FC4DE94}: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBB90AF4-61D5-41A7-BDBC-6766502E2BDB}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/27 09:33:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/27 09:21:43 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{AD3B3B3A-F530-407A-BE64-55F6936F70CA}
[2013/01/26 22:30:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BattlEye
[2013/01/26 11:38:26 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{8CF92DFD-2FE7-4EDF-AE05-9A7E94DB3E99}
[2013/01/25 21:01:47 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/01/25 21:01:27 | 000,000,000 | ---D | C] -- C:\JRT
[2013/01/25 17:02:24 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Roaming\ParetoLogic
[2013/01/25 17:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2013/01/25 16:43:34 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{3934DCD2-9A0C-4A0F-96B5-3161B4B7EF4B}
[2013/01/23 21:35:35 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Roaming\Malwarebytes
[2013/01/23 21:35:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/01/23 21:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/23 21:35:02 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\Programs
[2013/01/23 21:29:40 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{964B21FF-3AF2-4DB4-AF43-4A75CC323E6E}
[2013/01/22 20:13:42 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{791877E5-3AF1-4A01-98F5-B7033BE57106}
[2013/01/21 20:29:32 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{42D6E040-927D-47AD-8841-F3DD26E6D0A9}
[2013/01/21 19:54:11 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{E064F5D4-0514-44A6-9021-B10ABF98AE19}
[2013/01/21 06:56:30 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{70D7F539-2B66-4726-889A-30CDF433E3D9}
[2013/01/20 16:55:11 | 000,000,000 | ---D | C] -- C:\Users\Penny\Documents\My Games
[2013/01/20 14:54:31 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{9FBA1788-5328-40A9-9A31-F90C14134128}
[2013/01/19 21:26:36 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\Diagnostics
[2013/01/19 13:42:16 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{C6837B6C-28CE-4A23-B7EA-B47CCFC6EF33}
[2013/01/18 12:25:48 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\UberLauncher
[2013/01/13 17:14:47 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{2503582D-76BB-4F45-A7EE-04FFD2310884}
[2013/01/13 09:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Bohemia Interactive Studio
[2013/01/07 21:18:07 | 000,000,000 | ---D | C] -- C:\Users\Penny\Documents\EA Games
[2013/01/07 21:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2013/01/07 21:17:41 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2013/01/06 10:06:03 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{73B539B4-E236-4FB3-B770-F7445AEB5110}
[2013/01/01 21:31:33 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
[2013/01/01 21:31:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 1.6
[2013/01/01 13:39:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/12/31 09:12:56 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{4563C9FC-8FC9-46D6-89A5-7EA28AA0C5B5}
[2012/12/30 20:25:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
[2012/12/30 20:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2012/12/30 20:25:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PopCap Games
[2012/12/29 21:26:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/12/29 08:18:04 | 000,000,000 | ---D | C] -- C:\Users\Penny\AppData\Local\{1481150F-FF1D-4F27-B0A6-27EC490B5E5B}

========== Files - Modified Within 30 Days ==========

[2013/01/27 09:45:15 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/27 09:45:15 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/27 09:41:14 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/27 09:38:04 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/27 09:37:57 | 000,000,632 | RHS- | M] () -- C:\Users\Penny\ntuser.pol
[2013/01/27 09:37:55 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013/01/27 09:37:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/27 09:37:21 | 3046,805,504 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/27 09:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/27 09:20:36 | 000,001,477 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013/01/26 23:03:00 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\RGames Updater.job
[2013/01/26 21:19:44 | 625,618,795 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/01/26 08:38:34 | 000,417,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/25 22:15:38 | 000,804,224 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/25 22:15:38 | 000,681,660 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/25 22:15:38 | 000,130,236 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/25 22:15:32 | 000,804,224 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/25 20:39:34 | 000,002,257 | ---- | M] () -- C:\Users\Penny\Desktop\Google Chrome.lnk
[2013/01/20 09:54:13 | 000,828,671 | ---- | M] () -- C:\Users\Penny\AppData\Local\Tempmusic.ogg
[2013/01/07 21:17:43 | 000,000,949 | ---- | M] () -- C:\Users\Penny\Desktop\Ultima Online Classic Client.lnk
[2013/01/02 17:28:51 | 000,002,856 | ---- | M] () -- C:\{C88928C1-05D5-4AC6-A2AF-CC0EED284DCF}

========== Files Created - No Company Name ==========

[2013/01/07 21:17:43 | 000,000,949 | ---- | C] () -- C:\Users\Penny\Desktop\Ultima Online Classic Client.lnk
[2013/01/02 17:28:50 | 000,002,856 | ---- | C] () -- C:\{C88928C1-05D5-4AC6-A2AF-CC0EED284DCF}
[2013/01/01 13:39:06 | 625,618,795 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/11/12 13:31:41 | 000,828,671 | ---- | C] () -- C:\Users\Penny\AppData\Local\Tempmusic.ogg
[2012/09/16 10:43:38 | 000,000,063 | ---- | C] () -- C:\Windows\wininit.ini
[2012/09/11 18:49:57 | 000,033,958 | ---- | C] () -- C:\ProgramData\uninstaller.exe
[2012/09/08 20:45:34 | 000,000,093 | ---- | C] () -- C:\Users\Penny\AppData\Local\fusioncache.dat
[2012/09/08 06:13:46 | 000,021,036 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/09/08 06:13:46 | 000,015,132 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/09/08 06:13:46 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/09/01 14:20:46 | 000,860,211 | --S- | C] () -- C:\Windows\SysWow64\XSIFtk-3.6.2.1.dll
[2012/08/11 19:46:54 | 000,000,071 | ---- | C] () -- C:\Windows\ENX230.ini
[2012/08/07 13:49:20 | 004,608,000 | ---- | C] () -- C:\ProgramData\ReadOnlyInstaller.msi
[2012/01/21 21:22:34 | 000,804,224 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/05 17:10:01 | 000,000,632 | RHS- | C] () -- C:\Users\Penny\ntuser.pol
[2011/10/25 07:47:06 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011/07/26 15:20:38 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/26 15:14:32 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/07/26 14:50:58 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/05/08 22:28:03 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/08 22:27:56 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/08/11 09:30:07 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\.minecraft
[2011/12/26 08:54:18 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\ASUS WebStorage
[2012/08/12 12:34:58 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Epson
[2012/12/02 15:50:32 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Free Media Pack
[2012/09/09 12:01:42 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Garmin
[2012/10/05 20:01:06 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\ijjigame
[2012/04/01 17:43:30 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\JawboneUpdater
[2012/08/11 20:05:36 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Leadertech
[2012/09/08 20:46:39 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Media Get LLC
[2012/09/16 10:27:54 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\NeopleLauncherDFO
[2011/12/25 10:38:27 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Nuance
[2013/01/25 17:02:24 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\ParetoLogic
[2012/11/21 09:37:47 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\six-updater
[2012/07/22 17:52:22 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\six-zsync
[2012/02/04 11:19:23 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\TaxCut
[2012/08/11 12:35:56 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\TeamViewer
[2011/12/25 10:38:24 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Zeon

========== Purity Check ==========



< End of report >
Perkypen
Regular Member
 
Posts: 180
Joined: February 9th, 2005, 12:07 pm
Location: Catawba, NC

Re: Firefox locking up.

Unread postby askey127 » January 27th, 2013, 12:21 pm

perkypen,
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
  • In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
    Code: Select all
    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
    O4 - HKCU..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [EMPTYTEMP]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, and click to allow the Reboot when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • Copy the contents of that file and post it in your next reply.
    The FIX log file will also be available and named by timestamp here: C:\_OTL\Moved Files\mmddyyyy_hhmmss.log

----------------------------------------------
Tell me how it's running.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Firefox locking up.

Unread postby Perkypen » January 27th, 2013, 5:41 pm

I had shut down after my post this morning. When I turned it back on it went to the window startup error and did some self repair....

FIrefox is opening up. I will test it, I have been using IE instead.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
C:\Program Files\Java\jre7\bin\ssv.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
C:\Program Files\Java\jre7\bin\jp2ssv.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
C:\Program Files (x86)\Java\jre7\bin\ssv.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AmIcoSinglun64 deleted successfully.
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Penny\Downloads\cmd.bat deleted successfully.
C:\Users\Penny\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Allen
->Temp folder emptied: 14765016 bytes
->Temporary Internet Files folder emptied: 46443571 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 12333 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 55544 bytes

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 53632 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 6997 bytes
->Temporary Internet Files folder emptied: 402 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 53632 bytes

User: Penny
->Temp folder emptied: 13954926 bytes
->Temporary Internet Files folder emptied: 19460832 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 33762855 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14120 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 123.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01272013_162450

Files\Folders moved on Reboot...
C:\Users\Penny\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Penny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Penny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Perkypen
Regular Member
 
Posts: 180
Joined: February 9th, 2005, 12:07 pm
Location: Catawba, NC

Re: Firefox locking up.

Unread postby Perkypen » January 27th, 2013, 7:52 pm

Firefox is acting much better. A little slow to open but no other issues.
Perkypen
Regular Member
 
Posts: 180
Joined: February 9th, 2005, 12:07 pm
Location: Catawba, NC

Re: Firefox locking up.

Unread postby askey127 » January 28th, 2013, 8:31 am

Perkypen,
Unless you have additional questions, I will consider that we are done.
If you start OTL and click the Clean Up button, it will remove itself and most of the tools we used.
You can delete the Junkware removal tool your self.
In the future, avoid adding any programs without researching them first.
In general, toolbars are for the benefit of the purveyor, not you. Any that you don't really need should be removed.

Good luck
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 499 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware