Pop up probem/slow internet and/or computer thanks for your help

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Fri 07 Dec 2012, 3:34 pm

OTL logfile created on: 12/6/2012 11:06:20 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fred\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

11.98 Gb Total Physical Memory | 6.49 Gb Available Physical Memory | 54.19% Memory free
23.96 Gb Paging File | 16.15 Gb Available in Paging File | 67.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.22 Gb Total Space | 732.30 Gb Free Space | 79.75% Space Free | Partition Type: NTFS
Drive O: | 48.82 Gb Total Space | 7.86 Gb Free Space | 16.10% Space Free | Partition Type: FAT32
Drive P: | 882.68 Gb Total Space | 607.26 Gb Free Space | 68.80% Space Free | Partition Type: NTFS

Computer Name: FRED-PC | User Name: Fred | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/06 23:04:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fred\Downloads\OTL(1).com
PRC - [2012/12/04 16:42:49 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/11/16 06:49:19 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
PRC - [2012/08/31 08:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/08/31 08:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/08/31 08:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/20 07:36:57 | 000,107,520 | ---- | M] () -- C:\Users\Fred\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2012/05/23 12:32:38 | 001,466,760 | ---- | M] (Garmin) -- C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2012/03/02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012/03/01 22:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
PRC - [2012/02/01 11:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2012/02/01 11:50:04 | 001,850,224 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
PRC - [2012/02/01 11:50:02 | 002,195,824 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
PRC - [2011/09/06 12:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/05/20 14:26:30 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2010/03/10 23:22:04 | 000,599,408 | ---- | M] (Citrix Systems, Inc.) -- C:\Users\Audrey\AppData\Local\Citrix\ICA Client\wfcrun32.exe
PRC - [2010/03/10 23:21:16 | 000,300,400 | ---- | M] (Citrix Systems, Inc.) -- C:\Users\Audrey\AppData\Local\Citrix\ICA Client\concentr.exe
PRC - [2010/03/10 16:26:30 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/04 16:42:41 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/11/16 06:49:18 | 014,586,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2012/11/16 03:36:27 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d1a34ee93168657925ce2cfc68d8b63c\IAStorUtil.ni.dll
MOD - [2012/11/16 03:36:27 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\54d19fac3bfc693f87db68571844895a\IAStorCommon.ni.dll
MOD - [2012/11/16 03:36:23 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll
MOD - [2012/11/16 03:31:26 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
MOD - [2012/11/16 03:31:16 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/16 03:31:09 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
MOD - [2012/11/16 03:31:02 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/16 03:30:58 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/16 03:30:56 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
MOD - [2012/11/16 03:30:50 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/16 03:30:47 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/16 03:30:45 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/16 03:30:45 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/16 03:30:42 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/11/16 03:16:42 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\96b48b5a8f540eb1a0d4fac6441a5409\System.ServiceProcess.ni.dll
MOD - [2012/11/16 03:16:39 | 012,082,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\7f5730b64a58533bb9c64b231e1890b2\System.Web.ni.dll
MOD - [2012/11/16 03:16:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0acdeb764dc3715299a163fba3c7bdaa\System.Runtime.Remoting.ni.dll
MOD - [2012/11/16 03:16:31 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\9c60b15ab785a079a19f264b2f67032b\System.Xml.Linq.ni.dll
MOD - [2012/11/16 03:16:13 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\739c5209c3538b3457c2f8f9ad196cbb\System.Xaml.ni.dll
MOD - [2012/11/16 03:09:59 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\960b6130c64f21d8f5d8d3eb183ae660\PresentationFramework.ni.dll
MOD - [2012/11/16 03:09:52 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\6053166746abce42f4c4432e0ec54fc7\PresentationCore.ni.dll
MOD - [2012/11/16 03:09:46 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\947466e2a04c48c43a8b255eb236ba71\WindowsBase.ni.dll
MOD - [2012/11/16 03:09:46 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4a2b56d6031270f0fcf7388e4d787333\PresentationFramework.Aero.ni.dll
MOD - [2012/11/16 03:06:15 | 013,198,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ff1ceec110e2983a75c2c21f50274ac2\System.Windows.Forms.ni.dll
MOD - [2012/11/16 03:06:13 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9d1f9ff307e93bb9929b2b11661623cb\System.Core.ni.dll
MOD - [2012/11/16 03:06:10 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e46c644e0ef0456434b32f3e91b56424\System.Xml.ni.dll
MOD - [2012/11/16 03:06:09 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\6ccb8e689f74af5209d9bd70c3717f3a\System.Security.ni.dll
MOD - [2012/11/16 03:06:08 | 001,666,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\20ce3ca371acfbe996c6a21b5469992d\System.Drawing.ni.dll
MOD - [2012/11/16 03:06:08 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\86f1e41236b3d404d65db53bd0374d1e\System.Configuration.ni.dll
MOD - [2012/11/16 03:06:07 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\aaf8a137263c899815f0acff07eb1562\System.ni.dll
MOD - [2012/11/16 03:06:04 | 014,417,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\031abbfbd476fdc0c392160b67f2c662\mscorlib.ni.dll
MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2010/11/24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/17 02:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/04/20 01:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/20 14:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/12/04 16:42:49 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/11/16 06:49:19 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/20 07:36:57 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Fred\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2012/07/03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012/03/02 16:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011/09/28 19:57:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/19 09:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.([You must be registered and logged in to see this link.] [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 09:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.([You must be registered and logged in to see this link.] [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/17 16:26:48 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020200}_0)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/02 15:03:00 | 000,034,816 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2012/03/02 15:03:00 | 000,028,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2012/03/02 15:03:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/26 20:54:18 | 000,019,968 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flashusb.sys -- (flashusb)
DRV:64bit: - [2011/09/28 21:36:58 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/09/28 21:36:58 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/07/27 13:48:14 | 000,014,952 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\iPodDrv.sys -- (iPodDrv)
DRV:64bit: - [2011/04/30 06:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/04/30 06:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/04/20 01:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 00:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/17 17:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 20:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/14 07:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/06/08 07:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/05/20 14:26:30 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX3000.sys -- (VX3000)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/27 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/29 07:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort)
DRV:64bit: - [2009/09/29 07:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM)
DRV:64bit: - [2009/09/29 07:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtbs64.sys -- (lgbusenum)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found
IE - HKCU\..\URLSearchHook: {cce665dd-f6dd-4808-968e-eaec971f70ef} - No CLSID value found
IE - HKCU\..\URLSearchHook: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{1DFC7CD7-E451-47E5-8BD2-75656D41147C}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{7BE8F9C2-0112-4830-9038-98F1165CF7D0}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{C70A97CC-B227-46E2-9AC5-AE6028CA16B4}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT3101810.browser.search.defaultthis.engineName: true
FF - prefs.js..CT3198785.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultthis.engineName: "midicairus Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3184201&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "[You must be registered and logged in to see this link.]
FF - prefs.js..extensions.enabledAddons: %7B5D3F3872-91E9-4d59-AD9F-AA174A3145DD%7D:2.00
FF - prefs.js..extensions.enabledAddons: ffxtlbra%40softonic.com:1.6.0
FF - prefs.js..extensions.enabledAddons: autofillForms%40blueimp.net:0.9.9.0
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7Bbb45ef8e-1e36-4535-a017-ec908fb1e335%7D:10.13.40.15
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0034-ABCDEFFEDCBA%7D:6.0.34
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3101810&SearchSource=2&q="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\ScrollApp\LogiSmoothFirefoxExt [2011/10/04 20:29:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2011/11/08 21:12:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/04 16:42:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/04 16:42:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B4DC8AAD-D0EA-11E1-8270-B8AC6F996F26}: C:\Users\Fred\AppData\Local\{B4DC8AAD-D0EA-11E1-8270-B8AC6F996F26}\ [2012/07/18 10:10:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/04 16:42:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/04 16:42:38 | 000,000,000 | ---D | M]

[2011/11/01 20:05:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fred\AppData\Roaming\Mozilla\Extensions
[2012/11/30 22:57:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions
[2012/11/07 16:16:37 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
[2012/11/30 22:56:07 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/11/16 06:18:41 | 000,000,000 | ---D | M] (Somoto) -- C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{bb45ef8e-1e36-4535-a017-ec908fb1e335}
[2012/11/11 10:30:11 | 000,000,000 | ---D | M] (WhiteSmoke US) -- C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}
[2012/11/07 16:16:36 | 000,000,000 | ---D | M] (midicairus Community Toolbar) -- C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{efb1e45a-148d-40f9-a3f0-09d5577f9970}
[2012/11/30 16:10:35 | 000,000,000 | ---D | M] (softonic.com) -- C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\ffxtlbra@softonic.com
[2012/08/17 15:07:09 | 000,021,674 | ---- | M] () (No name found) -- C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\addon@defaulttab.com.xpi
[2012/11/30 22:56:07 | 000,149,045 | ---- | M] () (No name found) -- C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\autofillForms@blueimp.net.xpi
[2012/12/04 16:42:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/04 16:42:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/04 16:42:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2012/12/04 16:42:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/12/04 16:42:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2011/10/04 20:29:49 | 000,000,000 | ---D | M] (Logitech Scroll App) -- C:\PROGRAM FILES\LOGITECH\SCROLLAPP\LOGISMOOTHFIREFOXEXT
[2012/12/04 16:42:49 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/21 08:13:34 | 000,001,729 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/11/30 22:55:53 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/09/13 15:30:21 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/21 08:13:34 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/11/21 08:13:34 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2011/11/01 20:02:18 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2012/11/21 08:13:34 | 000,001,639 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/11/21 08:13:34 | 000,001,169 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Logitech Scroll App) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Fred\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Logitech Scroll App) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\32-bit\LogiSmooth.dll (Logitech, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCE665DD-F6DD-4808-968E-EAEC971F70EF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EFB1E45A-148D-40F9-A3F0-09D5577F9970} - No CLSID value found.
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Program Files\Logitech\ScrollApp\KhalScroll.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [HKCU] C:\Users\Fred\AppData\Roaming\install\server.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E9762D9-BC57-4F52-A351-758BF49E89BA}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b194a6ec-06d3-11e1-b8a2-180373ca4386}\Shell - "" = AutoRun
O33 - MountPoints2\{b194a6ec-06d3-11e1-b8a2-180373ca4386}\Shell\AutoRun\command - "" = K:\LaunchU3.exe
O33 - MountPoints2\{f6e29702-c214-11e1-9472-180373df3cec}\Shell - "" = AutoRun
O33 - MountPoints2\{f6e29702-c214-11e1-9472-180373df3cec}\Shell\AutoRun\command - "" = K:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {361BA88E-5FC4-2778-B6C4-25BC92A6A206} - Browser Customizations
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {50160E7C-09BE-0457-3929-5C0067316D15} - Microsoft Windows Media Player
ActiveX: {5FB7B2CC-614E-EF3D-7E16-CBC691710C94} - Themes Setup
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {67F75127-A7FF-A510-2A52-1442EDBA8BE5} - Microsoft Windows Media Player 12.0
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Fri 07 Dec 2012, 3:35 pm

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/12/05 19:49:56 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{522E44C7-52DA-4820-B8F1-404DAC3AE347}
[2012/12/05 07:49:45 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{688F0AAB-1D6C-4972-BB23-46376B5AEF20}
[2012/12/04 19:49:33 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{9321EE22-236D-435D-9866-F7B17683301B}
[2012/12/04 16:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/12/04 07:49:22 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{1B232E20-B358-4850-A596-7D5116D4143A}
[2012/12/03 19:49:10 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{4550AE31-4A34-4559-B46C-7E9668FF5413}
[2012/11/30 22:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/11/30 22:55:49 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Roaming\Babylon
[2012/11/29 06:51:14 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{8DCE6C80-586A-4303-B167-2BABCDBFF7C3}
[2012/11/28 17:51:51 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{EF03C883-4383-47F7-AA8F-17F8A16E6C8C}
[2012/11/27 06:28:15 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{69C74528-951F-409D-BBDB-5CC7BE11E136}
[2012/11/26 18:28:03 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{5DC5DD9E-6D45-47A4-A782-C09F02305C45}
[2012/11/26 06:27:52 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{F798FA9F-A1E1-4CAA-93FC-2059785792E0}
[2012/11/25 18:27:40 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{6004F810-2FDE-445F-A986-249472A1A3C5}
[2012/11/25 06:27:29 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{A37C8C8E-DEA7-4F4F-AD5C-8241DAB73615}
[2012/11/24 05:36:13 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{BD0C3399-E75C-426F-9876-8E4E421BFFD6}
[2012/11/23 10:02:49 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{7797536C-7FA8-41E4-9ECD-5A1398771772}
[2012/11/22 22:02:37 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{8B312F4D-E195-40B5-8301-90F6C6D4754D}
[2012/11/22 10:02:26 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{0434125E-8684-46F7-AA1E-A741E46CA01E}
[2012/11/21 22:02:14 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{349E8A81-F39E-46C0-A80A-8AB203F3A59B}
[2012/11/21 10:02:03 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{3376DEF1-21DD-497C-8FDA-836C29B67184}
[2012/11/20 22:01:51 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{3D6D3F47-269D-4D48-A17C-32C351DB412A}
[2012/11/20 10:01:39 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{DE6C860E-C039-4564-8396-A69DE8CC0139}
[2012/11/19 22:01:28 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{977C8766-91CF-421E-9256-6F846DB31C16}
[2012/11/19 10:01:16 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{067AB4BA-8AAA-4F1A-831D-C4513F73F535}
[2012/11/18 22:01:05 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{BBD20644-D616-46B5-ADA8-567768F40B41}
[2012/11/18 10:05:07 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{146ACDAB-C24B-4FCD-883B-79490C878E24}
[2012/11/18 10:01:17 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{E18A41A4-37BD-495A-95D2-B91DC02AD88D}
[2012/11/17 22:01:05 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{86F14206-34B1-477A-A84C-76AC642D179F}
[2012/11/16 03:07:22 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/11/16 03:07:22 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/11/16 03:03:01 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/16 03:03:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/16 03:03:00 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/16 03:03:00 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/16 03:03:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/16 03:03:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/11/16 03:03:00 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/16 03:03:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/16 03:02:59 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/16 03:02:59 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/16 03:02:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/16 03:02:59 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/16 03:02:58 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/16 03:02:58 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/16 03:02:58 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/16 03:01:27 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/11/16 03:01:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/11/16 03:01:26 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/11/16 03:01:26 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/11/15 21:29:29 | 000,000,000 | ---D | C] -- C:\Maison
[2012/11/15 21:07:39 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{05A511F5-DC6C-4D9C-8C12-11D77EC41F34}
[2012/11/15 06:29:00 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/11/15 06:29:00 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/11/15 06:29:00 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/11/15 06:28:49 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/11/15 06:28:49 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/11/15 06:28:49 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/11/15 06:28:49 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/11/15 06:28:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/11/15 06:28:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/11/15 06:28:24 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/11/15 06:28:24 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/11/14 21:27:41 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{FB9F0460-550F-4D9C-8C22-8F695C08113A}
[2012/11/14 06:57:07 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{10EBFA24-1F71-48A4-81EA-61D7FC646C99}
[2012/11/13 18:36:30 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{1CA70FB6-16EC-4854-BDE9-DE2D9E3B5E1A}
[2012/11/12 07:58:06 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{D32266FB-3DBA-4D96-859A-BE5E484F4FF1}
[2012/11/11 10:24:20 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{A1E8378F-DE93-4216-A5C8-F1DC0F349328}
[2012/11/10 07:52:27 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{5F69EE92-FCF8-47B0-9FEA-3C6EE0525420}
[2012/11/09 19:52:16 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{D272D964-7579-48B2-A7A9-3DD53EFF2FFE}
[2012/11/09 07:52:05 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{60634D4D-8882-4329-AC60-6CC6C0FA998D}
[2012/11/08 19:48:58 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{84C840F3-2934-4D8C-BB50-21C6A8F3B105}
[2012/11/07 19:53:53 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{8AFF37AC-C9F6-40FB-BD76-B9616C367540}
[2012/11/07 07:53:41 | 000,000,000 | ---D | C] -- C:\Users\Fred\AppData\Local\{D3BAC3EC-F6B4-463F-BED2-12315A217D2E}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Fred\Desktop\*.tmp files -> C:\Users\Fred\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/06 23:07:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/06 22:52:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/06 22:52:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/06 16:19:18 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/02 10:11:13 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/02 10:11:13 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/01 04:44:47 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/01 04:44:47 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/01 04:44:47 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/01 04:38:38 | 1003,451,043 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/12/01 04:38:37 | 1059,934,206 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/30 07:01:55 | 000,000,109 | ---- | M] () -- C:\user.js
[2012/11/16 06:49:19 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/16 06:49:19 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/11/16 03:27:48 | 000,461,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/16 03:27:44 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/11/15 21:24:57 | 001,299,718 | ---- | M] () -- C:\Users\Fred\Documents\Scan0004.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Fred\Desktop\*.tmp files -> C:\Users\Fred\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/30 07:01:54 | 000,000,109 | ---- | C] () -- C:\user.js
[2012/11/16 03:07:24 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/16 03:01:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/15 21:24:57 | 001,299,718 | ---- | C] () -- C:\Users\Fred\Documents\Scan0004.pdf
[2012/09/03 17:00:10 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dvdtest10024.dat
[2012/07/07 12:00:34 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/05/23 17:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/05/23 17:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/05/23 17:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/05/23 17:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/05/23 17:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/03/07 09:18:59 | 000,001,443 | ---- | C] () -- C:\Users\Fred\gsview32.ini
[2011/12/08 08:48:01 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/12/07 16:49:31 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011/12/07 16:49:31 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011/12/02 15:11:06 | 000,006,144 | ---- | C] () -- C:\Users\Fred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/28 21:04:59 | 000,007,606 | ---- | C] () -- C:\Users\Fred\AppData\Local\Resmon.ResmonCfg
[2011/10/10 20:50:42 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/10/04 22:35:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/09/28 21:41:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/09/28 19:58:15 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/09/28 19:58:15 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/09/28 19:58:15 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011/09/28 19:58:15 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011/09/28 19:58:15 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011/03/17 16:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/02/10 11:10:51 | 000,767,738 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2005/04/07 21:16:43 | 000,004,362 | -H-- | C] () -- C:\Users\Fred\AppData\Roaming\Fredlog.dat

========== ZeroAccess Check ==========

[2011/11/17 01:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Fred\AppData\Local\{e6c44ce1-7eb6-ec81-4a68-163bc9275d6e}\L
[2011/11/17 01:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Fred\AppData\Local\{e6c44ce1-7eb6-ec81-4a68-163bc9275d6e}\U
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\Fred\AppData\Local\{e6c44ce1-7eb6-ec81-4a68-163bc9275d6e}\n.

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

< %AppData%\Local\ >

< %systemroot%\system32\sysprep >

< *.xpi /md5 >

< %systemroot%\Downloaded Program Files\ >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/12/04 16:42:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/12/04 16:42:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/12/04 16:42:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/12/04 16:42:49 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/12/04 16:42:49 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/12/04 16:42:49 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/09/28 21:25:27 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/09/28 21:25:27 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/09/28 21:25:27 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/10/08 03:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/10/08 03:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/12/04 16:42:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/12/04 16:42:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/12/04 16:42:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/12/04 16:42:49 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/12/04 16:42:49 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/12/04 16:42:49 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/09/28 21:25:27 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/09/28 21:25:27 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/09/28 21:25:27 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/10/08 03:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/10/08 03:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >

< %systemroot%\System32\config\*.sav >

< %SYSTEMDRIVE%\*.exe /md5 >

< "%WinDir%\$NtUninstallKB*$." /30 >

< %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\Installer\ /s >

< %systemroot%\system32\Cache\ /s >

< %systemroot%\system32\config\systemprofile\ /s >

< %PROGRAMFILES%\*. >
[2012/04/05 06:29:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\4Media
[2011/09/28 20:04:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/09/28 19:54:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2012/09/03 17:03:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Burn4Free
[2012/11/30 22:47:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2012/05/05 08:26:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2011/09/28 19:56:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cozi Express
[2011/09/28 19:58:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Creative
[2011/09/28 19:59:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cyberlink
[2011/09/28 20:10:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell
[2012/12/01 04:39:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell DataSafe Local Backup
[2011/10/04 19:36:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Stage
[2011/10/04 19:36:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Touch Software Suite
[2011/12/08 08:48:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\doubleTwist 2.0
[2012/09/03 16:59:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DVD-Cloner
[2012/07/19 20:59:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ffdshow
[2012/04/27 21:01:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Futuremark
[2012/04/30 17:54:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Garmin
[2012/03/07 09:18:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ghostgum
[2012/06/06 19:14:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2012/07/07 12:06:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2012/07/07 12:17:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2011/11/01 20:04:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iLivid
[2012/02/29 18:31:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Impot
[2012/03/29 17:07:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ImpotExpert 2011
[2012/07/05 14:41:30 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/09/28 19:52:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2012/11/16 03:25:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/04/04 20:27:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2012/10/24 11:22:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2012/07/07 15:18:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LG Electronics
[2011/10/16 09:09:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Logitech
[2012/06/17 13:50:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MarkAny
[2012/12/06 22:56:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/10/05 17:12:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011/10/04 20:45:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft LifeCam
[2011/10/05 17:18:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/10/02 02:01:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2012/05/29 05:31:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/09/28 20:03:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/10/05 17:13:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2012/12/04 16:42:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2012/12/05 17:40:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/10/04 21:08:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2011/09/28 19:54:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Multimedia Card Reader(9106)
[2012/06/17 14:24:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MyFree Codec
[2011/10/31 20:31:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ParetoLogic
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/09/28 20:08:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
[2012/07/05 14:41:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung
[2012/07/24 20:37:21 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2012/08/31 22:06:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Unified Remote
[2012/07/19 20:59:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/05/29 05:30:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/11/01 20:02:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows iLivid Toolbar
[2012/04/27 21:03:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/20 22:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/11/08 21:12:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinZip Courier

< %appdata%\*.* >
[2011/11/03 15:23:14 | 000,004,362 | -H-- | M] () -- C:\Users\Fred\AppData\Roaming\Fredlog.dat

< MD5 for: AFD.SYS >
[2011/12/27 22:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\SysNative\drivers\afd.sys
[2011/12/27 22:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2011/12/27 23:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2010/11/20 22:24:08 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011/09/28 21:37:00 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011/09/28 21:37:00 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2012/06/01 23:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/23 23:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/20 22:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/23 23:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 00:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012/06/04 02:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012/06/01 23:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012/06/01 23:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/02 00:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012/06/02 00:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010/11/20 22:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/24 00:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll

< MD5 for: DNSRSLVR.DLL >
[2011/09/28 21:36:58 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\SysNative\dnsrslvr.dll
[2011/09/28 21:36:58 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsrslvr.dll
[2011/09/28 21:36:58 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=B2205BAEAE4C178ABEB1B149751FC2B9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsrslvr.dll
[2010/11/20 22:24:15 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=CD55F5355D8F55D44C9F4ED875705BD6 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsrslvr.dll

< MD5 for: ES.DLL >
[2012/10/31 17:14:04 | 000,008,728 | ---- | M] () MD5=07C0EEFCED87271FD2844DA8EE8B6042 -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\Locales\es.dll
[2012/08/17 17:27:53 | 000,008,728 | ---- | M] () MD5=328868A14EB90E6A8EA9F3FC59FC49BB -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\Locales\es.dll
[2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\SysNative\es.dll
[2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[2012/10/10 05:05:14 | 000,008,728 | ---- | M] () MD5=543EC1FF66953631A17477AEC9C7A111 -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\Locales\es.dll
[2012/10/03 20:14:58 | 000,008,728 | ---- | M] () MD5=CA2C5AA0DAC841157AE8680A48700073 -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\Locales\es.dll
[2012/11/13 21:10:22 | 000,009,320 | ---- | M] () MD5=CE1DEB45766BDE8ABBC90A4F780F2974 -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\Locales\es.dll
[2012/11/27 22:42:40 | 000,009,320 | ---- | M] () MD5=CFEBBFA78448CCD8E6EFE1F1062F1AB9 -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\Locales\es.dll
[2012/08/29 21:57:44 | 000,008,728 | ---- | M] () MD5=F01EB2548FC7BAEC80C00941089000DE -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\Locales\es.dll
[2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\SysWOW64\es.dll
[2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll
[2012/09/25 04:41:57 | 000,008,728 | ---- | M] () MD5=FABB2C5368FC626FB1D2A214028DF8EF -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\Locales\es.dll

< MD5 for: EXPLORER.EXE >
[2011/09/28 21:36:59 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/09/28 21:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/09/28 21:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/09/28 21:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/09/28 21:36:59 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/09/28 21:36:59 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: IPNATHLP.DLL >
[2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\SysNative\ipnathlp.dll
[2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\ipnathlp.dll

< MD5 for: NETBT.SYS >
[2010/11/20 22:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\SysNative\drivers\netbt.sys
[2010/11/20 22:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys

< MD5 for: NETMAN.DLL >
[2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\SysNative\netman.dll
[2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll

< MD5 for: QMGR.DLL >
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

< MD5 for: RPCSS.DLL >
[2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\SysNative\rpcss.dll
[2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 12:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/10/03 12:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 12:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 22:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/08/22 13:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 05:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/09/28 21:37:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 01:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012/03/30 06:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/09/28 21:37:00 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/09/28 21:36:58 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012/10/03 12:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011/09/28 21:36:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2011/06/21 01:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2012/08/22 13:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 11:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: TDX.SYS >
[2010/11/20 22:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\SysNative\drivers\tdx.sys
[2010/11/20 22:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2010/11/20 22:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys
[2010/11/20 22:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 22:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WMISVC.DLL >
[2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\SysNative\wbem\WMIsvc.dll
[2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7601.17514_none_fed8c13f0d90a8cf\WMIsvc.dll

< MD5 for: WSCSVC.DLL >
[2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\SysNative\wscsvc.dll
[2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7601.17514_none_78666321c8b86082\wscsvc.dll

< End of report >

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Fri 07 Dec 2012, 3:36 pm

OTL Extras logfile created on: 12/6/2012 11:06:20 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fred\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

11.98 Gb Total Physical Memory | 6.49 Gb Available Physical Memory | 54.19% Memory free
23.96 Gb Paging File | 16.15 Gb Available in Paging File | 67.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.22 Gb Total Space | 732.30 Gb Free Space | 79.75% Space Free | Partition Type: NTFS
Drive O: | 48.82 Gb Total Space | 7.86 Gb Free Space | 16.10% Space Free | Partition Type: FAT32
Drive P: | 882.68 Gb Total Space | 607.26 Gb Free Space | 68.80% Space Free | Partition Type: NTFS

Computer Name: FRED-PC | User Name: Fred | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A5C798-8539-4C9B-A6C5-4A3C4FED58B8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{07ED3C3F-EB2F-45E9-A369-583407511FA1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1AE12959-979F-4360-A34B-7BEBD7B29EC9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E28D7D6-8747-488D-B0D6-B7654A077329}" = lport=3390 | protocol=6 | dir=in | app=system |
"{204DBF0F-707B-4881-A53B-7B44F0BE6F32}" = lport=137 | protocol=17 | dir=in | app=system |
"{25B942E1-A855-43DA-BFB1-E820B169226B}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B656275-17FF-4752-A254-AC4CB35AD930}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2C8B4E2F-5144-4B06-8DC4-ED571C694417}" = lport=10243 | protocol=6 | dir=in | app=system |
"{36D6BA68-83CF-437C-958A-520DB8F0F09B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{43AAF4A4-15A9-4F9B-B055-BADAC9B21D5A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45D4CEE8-74F0-4F92-BA7E-77CC814577D8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4BE8C977-952F-48BE-8A98-E737BB258E2A}" = lport=10244 | protocol=6 | dir=in | app=system |
"{5AC8908D-1A71-42B2-83A2-703568E24962}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5BFCC929-BD0D-4652-9614-8070DA18006B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6C2CC718-AD5F-4659-B3F1-78CCE9AC80B6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{70755627-CAE6-4778-A6B7-324E1AE04348}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{73612F18-8A5A-496A-9671-4F459472A69B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73E677F9-A520-4253-B22C-8EADDE2F60D0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{758F5832-90B4-495F-9BA7-2AD66640F4DF}" = lport=3390 | protocol=6 | dir=in | app=system |
"{791B1C22-FA6E-45C3-8AE2-E410B462F503}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7F6A13F6-0C2E-413A-AA5A-F11779FBCCF4}" = rport=139 | protocol=6 | dir=out | app=system |
"{9F416102-92F4-48AE-84B8-E9E94BF37971}" = lport=10244 | protocol=6 | dir=in | app=system |
"{A38F58AB-0E75-4D2F-A649-67B0EB1D7E06}" = rport=138 | protocol=17 | dir=out | app=system |
"{A6BE8A0A-4924-439F-9232-21934ABE92FD}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{AB55005A-06C2-4F74-AD6D-05DCF307D5A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AC71A4C8-853D-4321-A921-0285D7A4280D}" = lport=445 | protocol=6 | dir=in | app=system |
"{AE10395E-A053-440D-A561-5EDFA064EFC3}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{AFC3A0B6-E9FC-481C-82B2-62183E531A0E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B10FBC85-4E85-42FC-A2AE-F9A675E7E372}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1C4D562-D7BC-4D8C-8224-79693C178F67}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B39ACC3C-D262-4389-8E70-34B0DFA350E9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B8DB50F8-803B-49E2-BD42-5468CA544252}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{BD4B6C79-7A2C-4123-939C-D71EC7E84892}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{BF49BE94-A69B-4AC9-A9E3-927BEE48A7C7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BF59E107-1BD3-4407-B070-4905A7300EEA}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C9013724-111E-4F14-8C1B-DF1E8CBF66D0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C9B6E365-479F-4D81-9DC5-C8EB17ACE0C8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CD77F0ED-1919-47D0-8338-9AD03481137B}" = lport=139 | protocol=6 | dir=in | app=system |
"{D177CC86-4327-4DFE-89E2-812ECD3145B0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D4F6A5C2-E4C9-44FE-B0B2-E467095D6F76}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D500D3AA-1286-4042-8C40-545895DA1C7D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DA860F81-3F9C-4FCB-9D36-55212B49DB8E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DADF4681-1589-43B5-8F37-0AD275352917}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{DC8C7D27-9A52-4F2E-9C1F-6C1F417299F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E359845C-2A9F-4328-A39C-BAB7D0B7DEAF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E3EAAA45-E279-4E0F-B44E-3ABD40DE142F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E44C7CF3-84F7-4F94-B389-91C3D36E0BDB}" = rport=137 | protocol=17 | dir=out | app=system |
"{E899AB09-6417-42AB-BEEB-964C4CE6206B}" = rport=445 | protocol=6 | dir=out | app=system |
"{F0FAFEAC-42D3-4117-ABE0-E569364AA04D}" = lport=138 | protocol=17 | dir=in | app=system |
"{FA94E37A-DBBB-4A40-8E09-C0F5B53A441F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FAA76525-76AC-4CE8-B1B4-1570F0388AC8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01373E30-2A9E-4626-9154-3D2830C9D54C}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{031F6BEA-1793-46DD-ADF9-A6D31894D326}" = protocol=6 | dir=out | app=system |
"{085884A8-0788-4136-8FB4-881E2A9DCDB1}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{0BD33AB1-6F6D-42BD-8F6D-802857FDD86C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{15E70961-5A0F-43D1-9AFC-4EABC94E8115}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{187C57EE-B7E4-4FB7-9724-C88136C55868}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{18C9788F-2997-4656-B487-C59C854FB172}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{1C3195C6-5D4C-4D5B-9FEF-86E755645013}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{1EDA948E-8DA3-4EDF-B274-6CAA81662196}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
"{2024A1AF-AA19-4E4D-87BC-AE9BE107672F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2B91CBE2-FE91-42E7-93F0-4EEF671F133D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{37A6778D-CF7A-42B1-8AC9-5677FA80110B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C82CC97-D6A8-4CEF-96D9-93E0145FE3E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3FCA9FC1-D870-4FCB-B74E-3A5B47EA6619}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4AD06674-C4F3-4682-8403-F3742CADF812}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4D2193C6-1AB8-45F3-BE8D-85B38343C19C}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{52B54E76-69AE-4BE9-AA52-087D62C72B3F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{532986B8-0201-4369-B2B0-900AE48309AB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{541538C2-FCA4-47BC-A9B2-D815DCA5BA05}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{57ABCB09-5D1D-4B60-B702-0068FE7AAC2A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5865B663-B93E-4A8C-B9ED-DCE913C6ECCB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5C31E745-5F97-444D-B2F0-2288232BDD6C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5C93C5AA-1BE7-466D-AD1A-2B29EBEB4520}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5E142062-B3F0-4527-A513-A65A4DA92F1F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{5EE8EFAF-B6DA-48BB-B73B-7BD76DBEB851}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{5FE2D1CF-6E36-4A04-90E9-92E209EE504D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6CC1C6A9-FC7F-49D8-8CD7-EECE368AB9FA}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{72485A8C-28C9-409A-A00C-3CF525F2CDAC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{73DCBA56-05F0-4E51-9392-51E7CFE1D069}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{75096871-FD01-471D-B9E5-DE7D97F75132}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe |
"{76215365-F228-4716-B7FA-50BD482E8A6A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{799D9BAB-60DE-4D37-A39C-512DFCB78903}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{8418100D-E5CF-400A-9968-90A5187D68B5}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{8603BDE5-8514-418D-81D8-4ED747F540BF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{86666544-8A8F-4AA0-A6A6-81FFF5456149}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9353DE18-6113-41D0-A0AD-2D9A1FDDA9B6}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{94ABA094-0BA7-4BDC-8308-BA0C824970FC}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{976DB040-86B6-41C6-B7EB-1AA4FF65725F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{98A8A033-FBD4-4EE6-A88B-8DFC4E2DFDF1}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{9ADC939D-2151-4697-9609-3F7062EFFD07}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9B368248-F023-475B-A7A1-08056B31A65D}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |
"{9C1ABBF2-9B6B-4606-809D-2E18CC62276E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9C3EC5F4-6438-4AFB-BACB-229EDA1E443D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{9D436A58-3B29-47C5-8C96-03D0A6646DBB}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{9D4ECB08-69C9-4E5F-BC4D-3C7D3D442DBB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{A5785660-6CF1-4884-BD38-A45BD9A7CD85}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A82AD182-B24C-434F-BD16-52E7C2944A38}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{AE6558A6-6152-4816-8F63-5B4FA467EE13}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B0CB8A0D-865C-4E79-A70B-4429335C6342}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{B8281698-7575-4A10-9DED-672904FE1E6A}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{C8693CE1-7FBE-44CC-A390-2B3429DAF9D8}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C9E325A5-5503-4B32-AB3F-36046E260E66}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{CA44982A-76DC-4961-B878-77C523F34A30}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
"{CAA33101-2AAF-4E4F-A0DE-84F4FC4D0C8A}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe |
"{D8783DCA-18B1-423A-9076-EEA891898318}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{DF67B5BF-4FDB-4B46-9B29-C07834FDCDFA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{E03C66BD-C804-4265-A755-98513228CD7E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E0E304F8-D59E-400D-9BA1-85C2FDE8208B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{E46B5864-7D1C-43E3-B32D-7E8006B2DB9D}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{F77552FA-56E1-47E2-8B77-BA4396D7A3E9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{FA764C28-8832-42BD-A278-29485F8E4BBB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FB35C4B8-7B1D-4AC3-8A4E-20A0239450AA}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{FBF42DF3-2C34-4627-8A62-60FB721C087F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{6604C7F6-17F1-4565-AB77-528302A1B753}C:\program files (x86)\bitpim\bitpimw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitpim\bitpimw.exe |
"UDP Query User{331B448F-5858-4A7A-BEFD-5AA9E249186F}C:\program files (x86)\bitpim\bitpimw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitpim\bitpimw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{2D5E3D2B-919F-407C-8757-E64827518BB6}" = HP Officejet Pro 8600 Basic Device Software
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6E3D4FFE-9614-4E58-9DE2-F9A036EAD491}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83CB95E0-5518-AAC2-9B63-1FDBB4D51263}" = ATI AVIVO64 Codecs
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{C99B5E76-3EA1-9943-F394-1E9F9EC8B28C}" = ccc-utility64
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C7}" = WinZip 16.0
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client FR-FR Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F792E5B0-11C4-4C68-8A63-FB5F52749180}" = HP Officejet Pro 8600 Product Improvement Study
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"PC-Doctor for Windows" = Dell Support Center
"Sn1" = Logitech Scroll App 2.0
"sp6" = Logitech SetPoint 6.30

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
"{023D64D7-E7B4-47C7-BE6E-B7C2E8960D08}" = Citrix Online Plug-in (Web)
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0B043A05-B07C-9307-8CC8-0C72BC8895E2}" = CCC Help Polish
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1879C1-B74A-4C6D-8880-E3F54B78E816}" = LG United Mobile Drivers
"{0D98F04D-11A1-4B64-A406-43292B9EEE90}" = Dell PhotoStage
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{153EAC4C-D3E8-4A68-9A20-CFDB953CCE3C}" = ImpotExpert Updater 2011
"{16D6AA4F-959B-306B-0747-CFBEFCC7A0DE}" = CCC Help Greek
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C1473A1-1A26-4C8F-9548-A52D03066CE7}" = Catalyst Control Center - Branding
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22076B10-37D9-7B32-AB5D-3F97D9E87E15}" = CCC Help Turkish
"{22813428-038B-8C98-5AF8-22B7EF1B6284}" = CCC Help Spanish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java(TM) 6 Update 37
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BDCCC79-2352-1CD6-80D0-1E1948FEF262}" = CCC Help Italian
"{2D162142-12F7-4419-577C-7BB3204F799F}" = CCC Help Chinese Standard
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F4FB074-80B6-118F-42AD-27B6F275D884}" = CCC Help Chinese Traditional
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{374EBC77-5E23-0B63-0B65-136AEFF98C1D}" = CCC Help Danish
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{400F29A3-58E9-4848-5BE1-01919F891D44}" = CCC Help Swedish
"{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{451BB54C-8B23-4455-8BDC-14FC7D43E056}" = MSXML4SP2
"{45411273-7307-4F9D-BCAF-7E5ED0A36050}" = Garmin Lifetime Updater
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFA3415-7B6A-EF20-225A-B1DC627BBAC5}" = CCC Help Korean
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{8144262B-25B4-44F6-8204-FCC8EF50179F}" = Citrix Online Plug-in (DV)
"{81C3E664-CA21-3C4B-312F-54DEB08EF1A5}" = Catalyst Control Center InstallProxy
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8279F213-ECD0-4C36-A8EC-670FC16218E3}" = CCC Help Dutch
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{965D4A7F-25FE-4D0E-8729-43C6236FB03C}" = Unified Remote
"{9842650A-98C5-A238-AC65-189F80285EBD}" = CCC Help Czech
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F41678D-3934-EBBA-F85C-E1A97DB84407}" = CCC Help Thai
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{ADDD9902-3576-7071-1196-24E37F15BB52}" = Catalyst Control Center Localization All
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}" = HP Officejet Pro 8600 Help
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA0006CC-FB7D-6358-BF24-3394D509AB9C}" = CCC Help Japanese
"{CA04E3AD-FFAC-0EE9-3605-E9665EC05BF7}" = CCC Help Finnish
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CCAE8CA3-5C96-FBF2-BD0F-27D4644217D3}" = CCC Help Portuguese
"{CD95F661-A5C4-11AF-B2CC-ABCD21A325B8}" = WinZip Courier
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2E4FBCD-6CB1-432B-BDCF-CEE0892381C7}" = Dell Stage
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0C8AC08-1B2C-AD87-E4CE-9C0A2618807E}" = CCC Help English
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4F3A636-92E3-86C4-FA1E-19BC06CBB037}" = CCC Help German
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5F6575A-7567-9230-2BE0-615A46E5721B}" = CCC Help Russian
"{E9656E99-F59E-F377-DC5F-477047CA4FCF}" = CCC Help French
"{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi
"{EA74A293-3FAC-4D1B-AE3A-3BD47FADDC20}" = Citrix Online Plug-in (HDX)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16B7D69-784E-C12E-D42B-A1D69A38B752}" = CCC Help Hungarian
"{F44F1120-9E35-4216-952B-EB91997FED99}" = ImpotExpert 2011
"{FB85D440-98E6-B361-1727-DFD81F366943}" = ccc-core-static
"{FC4AAC27-3775-E69E-6DBB-381425D79A94}" = CCC Help Norwegian
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Media MP4 to MP3 Converter 6" = 4Media MP4 to MP3 Converter 6
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Burn4Free DVD Burning_is1" = Burn4Free DVD Burning 6.0.0.0
"DefaultTab" = DefaultTab
"doubleTwist" = doubleTwist
"DVD-Cloner 9_is1" = DVD-Cloner V9.60 Build 1113
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"Google Chrome" = Google Chrome
"InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"LG PC Suite IV" = LG PC Suite IV
"Mozilla Firefox 17.0.1 (x86 fr)" = Mozilla Firefox 17.0.1 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/6/2012 5:57:56 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

Error - 12/6/2012 5:57:57 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

Error - 12/6/2012 5:57:57 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

Error - 12/6/2012 5:57:57 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

Error - 12/6/2012 5:57:58 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

Error - 12/6/2012 5:57:58 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

Error - 12/6/2012 5:57:58 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

Error - 12/6/2012 5:57:59 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

Error - 12/6/2012 5:57:59 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

Error - 12/6/2012 5:57:59 PM | Computer Name = FRED-PC | Source = Bonjour Service | ID = 100
Description =

[ Media Center Events ]
Error - 1/15/2012 9:14:41 AM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 08:14:41 - Error connecting to the internet. 08:14:41 - Unable
to contact server..

Error - 1/15/2012 9:14:46 AM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 08:14:46 - Error connecting to the internet. 08:14:46 - Unable
to contact server..

Error - 1/18/2012 9:43:27 AM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 08:43:27 - Error connecting to the internet. 08:43:27 - Unable
to contact server..

Error - 1/18/2012 9:43:39 AM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 08:43:32 - Error connecting to the internet. 08:43:32 - Unable
to contact server..

Error - 1/18/2012 10:43:43 AM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 09:43:43 - Error connecting to the internet. 09:43:43 - Unable
to contact server..

Error - 1/18/2012 10:43:48 AM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 09:43:48 - Error connecting to the internet. 09:43:48 - Unable
to contact server..

Error - 1/18/2012 11:43:53 AM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 10:43:53 - Error connecting to the internet. 10:43:53 - Unable
to contact server..

Error - 1/18/2012 11:43:58 AM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 10:43:58 - Error connecting to the internet. 10:43:58 - Unable
to contact server..

Error - 1/18/2012 12:44:03 PM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 11:44:03 - Error connecting to the internet. 11:44:03 - Unable
to contact server..

Error - 1/18/2012 12:44:08 PM | Computer Name = Fred-PC | Source = MCUpdate | ID = 0
Description = 11:44:08 - Error connecting to the internet. 11:44:08 - Unable
to contact server..

[ System Events ]
Error - 12/1/2012 5:38:51 AM | Computer Name = Fred-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 04:37:19 on ?2012-?12-?01 was unexpected.

Error - 12/1/2012 5:38:55 AM | Computer Name = FRED-PC | Source = BugCheck | ID = 1001
Description =

Error - 12/1/2012 5:39:28 AM | Computer Name = Fred-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 12/1/2012 5:39:58 AM | Computer Name = Fred-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 12/1/2012 10:53:52 AM | Computer Name = Fred-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.

Error - 12/1/2012 10:53:54 AM | Computer Name = Fred-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.

Error - 12/1/2012 10:54:17 AM | Computer Name = Fred-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 12/3/2012 8:02:26 AM | Computer Name = Fred-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.

Error - 12/3/2012 8:02:27 AM | Computer Name = Fred-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.

Error - 12/7/2012 12:00:18 AM | Computer Name = Fred-PC | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.


< End of report >

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Fri 07 Dec 2012, 3:38 pm

# AdwCleaner v2.011 - Logfile created 12/06/2012 at 23:19:50
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Fred - FRED-PC
# Boot Mode : Normal
# Running from : C:\Users\Fred\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

Deleted on reboot : C:\Users\Audrey\AppData\Roaming\Mozilla\Firefox\Profiles\40dpmmem.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
Deleted on reboot : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{bb45ef8e-1e36-4535-a017-ec908fb1e335}
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Fred\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\Fred\AppData\Local\Temp\searchqutoolbar-manifest.xml
File Deleted : C:\Users\Fred\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
File Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\addon@defaulttab.com.xpi
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Ilivid
Folder Deleted : C:\Program Files (x86)\Windows iLivid Toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\Users\Audrey\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Audrey\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Audrey\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Audrey\AppData\Roaming\Mozilla\Firefox\Profiles\40dpmmem.default\ConduitCommon
Folder Deleted : C:\Users\Fred\AppData\Local\Conduit
Folder Deleted : C:\Users\Fred\AppData\Local\Temp\CT2851639
Folder Deleted : C:\Users\Fred\AppData\Local\Temp\CT3101810
Folder Deleted : C:\Users\Fred\AppData\Local\Temp\CT3184201
Folder Deleted : C:\Users\Fred\AppData\Local\Temp\CT3198785
Folder Deleted : C:\Users\Fred\AppData\Local\TempDir
Folder Deleted : C:\Users\Fred\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Fred\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Fred\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Fred\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Fred\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\ConduitCommon
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\CT2851639
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\CT3101810
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\CT3184201
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\CT3198785
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{efb1e45a-148d-40f9-a3f0-09d5577f9970}
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\ffxtlbra@softonic.com
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\Smartbar
Folder Deleted : C:\Users\Fred\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2851639
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3184201
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3198785
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = [You must be registered and logged in to see this link.] --> [You must be registered and logged in to see this link.]
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = [You must be registered and logged in to see this link.] --> [You must be registered and logged in to see this link.]

-\\ Mozilla Firefox v17.0.1 (fr)

Profile name : default
File : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\prefs.js

C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\user.js ... Deleted !

Deleted : user_pref("CT2851639..clientLogIsEnabled", false);
Deleted : user_pref("CT2851639..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2851639..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2851639.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2851639.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2851639.CTID", "CT2851639");
Deleted : user_pref("CT2851639.CommunitiesChangesLastCheckTime", "0");
Deleted : user_pref("CT2851639.CurrentServerDate", "20-7-2012");
Deleted : user_pref("CT2851639.DSInstall", false);
Deleted : user_pref("CT2851639.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2851639.DialogsGetterLastCheckTime", "Thu Jul 19 2012 16:04:38 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2851639.DownloadReferralCookieData", "");
Deleted : user_pref("CT2851639.EMailNotifierPollDate", "Sat May 05 2012 09:26:10 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2851639.EnableClickToSearchBox", false);
Deleted : user_pref("CT2851639.EnableSearchHistory", false);
Deleted : user_pref("CT2851639.EnableSearchSuggest", false);
Deleted : user_pref("CT2851639.FeedLastCount2548968607390276962", 177);
Deleted : user_pref("CT2851639.FeedPollDate2429156812186649977", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156813040823546", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156813130095866", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156813224203613", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156813230837251", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156813454291735", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156813729834876", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156813860870021", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156814264681793", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156814863075366", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedPollDate2429156815257761081", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2851639.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2851639.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2851639.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2851639.FirstServerDate", "5-5-2012");
Deleted : user_pref("CT2851639.FirstTime", true);
Deleted : user_pref("CT2851639.FirstTimeFF3", true);
Deleted : user_pref("CT2851639.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2851639.GroupingInvalidateCache", false);
Deleted : user_pref("CT2851639.GroupingLastCheckTime", "0");
Deleted : user_pref("CT2851639.GroupingLastServerUpdateTime", "0");
Deleted : user_pref("CT2851639.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2851639.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2851639.HPInstall", false);
Deleted : user_pref("CT2851639.HasUserGlobalKeys", true);
Deleted : user_pref("CT2851639.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2851639.HomepageBeforeUnload", "hxxp://www.cinoche.com/concours.html");
Deleted : user_pref("CT2851639.Initialize", true);
Deleted : user_pref("CT2851639.InitializeCommonPrefs", true);
Deleted : user_pref("CT2851639.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2851639.InstallationId", "fftDF42.tmp.exe");
Deleted : user_pref("CT2851639.InstallationType", "XPE");
Deleted : user_pref("CT2851639.InstalledDate", "Sat May 05 2012 09:26:10 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2851639.InvalidateCache", false);
Deleted : user_pref("CT2851639.IsAlertDBUpdated", true);
Deleted : user_pref("CT2851639.IsGrouping", false);
Deleted : user_pref("CT2851639.IsInitSetupIni", true);
Deleted : user_pref("CT2851639.IsMulticommunity", false);
Deleted : user_pref("CT2851639.IsOpenThankYouPage", true);
Deleted : user_pref("CT2851639.IsOpenUninstallPage", false);
Deleted : user_pref("CT2851639.LanguagePackLastCheckTime", "Thu Jul 19 2012 12:38:06 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2851639.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2851639.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2851639.LastLogin_3.12.0.8", "Sat May 05 2012 09:26:13 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2851639.LastLogin_3.12.2.3", "Wed May 30 2012 06:06:54 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2851639.LastLogin_3.13.0.6", "Thu Jul 19 2012 12:36:21 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2851639.LastLogin_3.14.1.0", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2851639.LatestVersion", "3.13.0.6");
Deleted : user_pref("CT2851639.Locale", "fr");
Deleted : user_pref("CT2851639.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2851639.MCDetectTooltipShow", false);
Deleted : user_pref("CT2851639.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2851639.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2851639.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2851639.OriginalFirstVersion", "3.12.0.8");
Deleted : user_pref("CT2851639.RadioLastCheckTime", "0");
Deleted : user_pref("CT2851639.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT2851639.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2851639.RadioShrinked", "shrinked");
Deleted : user_pref("CT2851639.RadioShrinkedFromSetup", true);
Deleted : user_pref("CT2851639.SHRINK_TOOLBAR", 0);
Deleted : user_pref("CT2851639.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT2851639.SearchBoxWidth", 150);
Deleted : user_pref("CT2851639.SearchCaption", "uTorrentBar_FR Customized Web Search");
Deleted : user_pref("CT2851639.SearchEngine", "Logiciel||hxxp://www.softonic.com/s/UCM_SEARCH_TERM?ptn=conduit[...]
Deleted : user_pref("CT2851639.SearchEngineBeforeUnload", "Google");
Deleted : user_pref("CT2851639.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2851639.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Deleted : user_pref("CT2851639.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2851639.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2851639.SearchInNewTabLastCheckTime", "Thu Jul 19 2012 16:04:38 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2851639.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2851639.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2851639.SearchProtectorEnabled", false);
Deleted : user_pref("CT2851639.SearchProtectorToolbarDisabled", true);
Deleted : user_pref("CT2851639.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2851639.ServiceMapLastCheckTime", "Thu Jul 19 2012 16:04:38 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT2851639.SettingsLastCheckTime", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2851639.SettingsLastUpdate", "1340630740");
Deleted : user_pref("CT2851639.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851639&SearchSource=13");
Deleted : user_pref("CT2851639.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2851639.ThirdPartyComponentsLastCheck", "Sat May 05 2012 09:26:09 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT2851639.ThirdPartyComponentsLastUpdate", "1331805999");
Deleted : user_pref("CT2851639.ToolbarDisabled", true);
Deleted : user_pref("CT2851639.ToolbarShrinkedFromSetup", true);
Deleted : user_pref("CT2851639.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851639");
Deleted : user_pref("CT2851639.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2851639.UserID", "UN30655527919976290");
Deleted : user_pref("CT2851639.ValidationData_Search", 1);
Deleted : user_pref("CT2851639.ValidationData_Toolbar", 1);
Deleted : user_pref("CT2851639.WeatherNetwork", "");
Deleted : user_pref("CT2851639.WeatherPollDate", "Sat May 05 2012 09:26:13 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2851639.WeatherUnit", "C");
Deleted : user_pref("CT2851639.alertChannelId", "1243674");
Deleted : user_pref("CT2851639.approveUntrustedApps", true);
Deleted : user_pref("CT2851639.autoDisableScopes", -1);
Deleted : user_pref("CT2851639.backendstorage.cbcountry_000", "4341");
Deleted : user_pref("CT2851639.backendstorage.cbfirsttime", "536174204D617920303520323031322030393A32363A31352[...]
Deleted : user_pref("CT2851639.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Deleted : user_pref("CT2851639.componentAlertEnabled", false);
Deleted : user_pref("CT2851639.components.1000034", false);
Deleted : user_pref("CT2851639.components.1000234", false);
Deleted : user_pref("CT2851639.components.129351529701212556", false);
Deleted : user_pref("CT2851639.components.129351529703087570", false);
Deleted : user_pref("CT2851639.components.129351529703087571", false);
Deleted : user_pref("CT2851639.components.129422840102831305", false);
Deleted : user_pref("CT2851639.components.129544678881551249", false);
Deleted : user_pref("CT2851639.components.129791404828153723", false);
Deleted : user_pref("CT2851639.components.2548968607390276962", false);
Deleted : user_pref("CT2851639.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2851639.globalFirstTimeInfoLastCheckTime", "Sat May 05 2012 09:26:10 GMT-0400 (Eastern [...]
Deleted : user_pref("CT2851639.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2851639.initDone", true);
Deleted : user_pref("CT2851639.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2851639.isFirstRadioInstallation", false);
Deleted : user_pref("CT2851639.isSearchProtectorNotifyChanges", false);
Deleted : user_pref("CT2851639.myStuffEnabled", true);
Deleted : user_pref("CT2851639.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2851639.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2851639.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2851639.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2851639.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2851639.revertSettingsEnabled", false);
Deleted : user_pref("CT2851639.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2851639.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2851639.testingCtid", "");
Deleted : user_pref("CT2851639.toolbarAppMetaDataLastCheckTime", "Thu Jul 19 2012 16:04:38 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.toolbarContextMenuLastCheckTime", "Sat May 05 2012 09:26:13 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2851639.usageEnabled", false);
Deleted : user_pref("CT2851639.usagesFlag", 2);
Deleted : user_pref("CT3101810.1000082.isDisplayHidden", "true");
Deleted : user_pref("CT3101810.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3101810.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3101810.1000234.TWC_TMP_city", "MONTREAL");
Deleted : user_pref("CT3101810.1000234.TWC_TMP_country", "CA");
Deleted : user_pref("CT3101810.1000234.TWC_locId", "CAXX0301");
Deleted : user_pref("CT3101810.1000234.TWC_location", "Montreal, Canada");
Deleted : user_pref("CT3101810.1000234.TWC_region", "OT");
Deleted : user_pref("CT3101810.1000234.TWC_temp_dis", "c");
Deleted : user_pref("CT3101810.1000234.TWC_wind_dis", "kmh");
Deleted : user_pref("CT3101810.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"-8°C\",\"temperat[...]
Deleted : user_pref("CT3101810.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3101810.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3101810.FirstTime", "true");
Deleted : user_pref("CT3101810.FirstTimeFF3", "true");
Deleted : user_pref("CT3101810.LoginRevertSettingsEnabled", false);
Deleted : user_pref("CT3101810.RevertSettingsEnabled", false);
Deleted : user_pref("CT3101810.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT310[...]
Deleted : user_pref("CT3101810.UserID", "UN65914547747169693");
Deleted : user_pref("CT3101810.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3101810.autoDisableScopes", -1);
Deleted : user_pref("CT3101810.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3101810.defaultSearch", "true");
Deleted : user_pref("CT3101810.embeddedsData", "[{\"appId\":\"129610751169335742\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3101810.enableAlerts", "false");
Deleted : user_pref("CT3101810.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3101810.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3101810.fixPageNotFoundError", "true");
Deleted : user_pref("CT3101810.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3101810.fixUrls", true);
Deleted : user_pref("CT3101810.installId", "ConduitNSISIntegration");
Deleted : user_pref("CT3101810.installType", "ConduitNSISIntegration");
Deleted : user_pref("CT3101810.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3101810.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3101810.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3101810.isNewTabEnabled", false);
Deleted : user_pref("CT3101810.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3101810.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3101810.keyword", true);
Deleted : user_pref("CT3101810.migrateAppsAndComponents", true);
Deleted : user_pref("CT3101810.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT3101810.openThankYouPage", "false");
Deleted : user_pref("CT3101810.openUninstallPage", "true");
Deleted : user_pref("CT3101810.search.searchAppId", "129610751169335742");
Deleted : user_pref("CT3101810.search.searchCount", "0");
Deleted : user_pref("CT3101810.searchInNewTabEnabled", "false");
Deleted : user_pref("CT3101810.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3101810.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3101810.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3101810.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3101810.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3101810.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3101810.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3101810.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3101810.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT3101810.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1346709838755");
Deleted : user_pref("CT3101810.serviceLayer_services_appsMetadata_lastUpdate", "1346709838723");
Deleted : user_pref("CT3101810.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1346709839050");
Deleted : user_pref("CT3101810.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352322634292");
Deleted : user_pref("CT3101810.serviceLayer_services_login_10.13.40.15_lastUpdate", "1354828584555");
Deleted : user_pref("CT3101810.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1346709839656");
Deleted : user_pref("CT3101810.serviceLayer_services_searchAPI_lastUpdate", "1346709836849");
Deleted : user_pref("CT3101810.serviceLayer_services_serviceMap_lastUpdate", "1354747351236");
Deleted : user_pref("CT3101810.serviceLayer_services_toolbarContextMenu_lastUpdate", "1346709839331");
Deleted : user_pref("CT3101810.serviceLayer_services_toolbarSettings_lastUpdate", "1354828584299");
Deleted : user_pref("CT3101810.serviceLayer_services_translation_lastUpdate", "1354747351292");
Deleted : user_pref("CT3101810.settingsINI", true);
Deleted : user_pref("CT3101810.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3101810.smartbar.CTID", "CT3101810");
Deleted : user_pref("CT3101810.smartbar.Uninstall", "0");
Deleted : user_pref("CT3101810.smartbar.homepage", true);
Deleted : user_pref("CT3101810.smartbar.isHidden", true);
Deleted : user_pref("CT3101810.smartbar.toolbarName", "Somoto ");
Deleted : user_pref("CT3101810.startPage", "userChanged");
Deleted : user_pref("CT3101810.toolbarBornServerTime", "4-9-2012");
Deleted : user_pref("CT3101810.toolbarCurrentServerTime", "7-12-2012");
Deleted : user_pref("CT3101810.upgradeFromClearSBVersion", true);
Deleted : user_pref("CT3101810_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("CT3184201..clientLogIsEnabled", true);
Deleted : user_pref("CT3184201..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3184201..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3184201.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3184201.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_129724205037270565", true);
Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_129724205037426813", true);
Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_1330956386000", true);
Deleted : user_pref("CT3184201.BrowserCompStateIsOpen_6565815752657123216", true);
Deleted : user_pref("CT3184201.CTID", "CT3184201");
Deleted : user_pref("CT3184201.CurrentServerDate", "20-7-2012");
Deleted : user_pref("CT3184201.DSInstall", true);
Deleted : user_pref("CT3184201.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3184201.DialogsGetterLastCheckTime", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT3184201.DownloadReferralCookieData", "");
Deleted : user_pref("CT3184201.EMailNotifierPollDate", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT3184201.EnableClickToSearchBox", false);
Deleted : user_pref("CT3184201.EnableSearchHistory", false);
Deleted : user_pref("CT3184201.EnableSearchSuggest", false);
Deleted : user_pref("CT3184201.ExternalComponentPollDate5342832749374672449", "Fri Jul 20 2012 07:48:54 GMT-04[...]
Deleted : user_pref("CT3184201.FeedLastCount129724205037739308", 217);
Deleted : user_pref("CT3184201.FeedPollDate129237173390688207", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedPollDate129237173390688210", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedPollDate129238703378572556", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedPollDate129238703378572557", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedPollDate129238703378572558", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedPollDate129238703378572559", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedPollDate129238703378572560", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedPollDate129238824209885828", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedPollDate129238824209885829", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedPollDate129238824209885830", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT3184201.FeedTTL129237173390688207", 40);
Deleted : user_pref("CT3184201.FeedTTL129237173390688210", 40);
Deleted : user_pref("CT3184201.FeedTTL129238703378572556", 40);
Deleted : user_pref("CT3184201.FeedTTL129238703378572557", 40);
Deleted : user_pref("CT3184201.FeedTTL129238703378572558", 40);
Deleted : user_pref("CT3184201.FeedTTL129238703378572559", 40);
Deleted : user_pref("CT3184201.FeedTTL129238703378572560", 40);
Deleted : user_pref("CT3184201.FeedTTL129238824209885828", 40);
Deleted : user_pref("CT3184201.FeedTTL129238824209885829", 40);
Deleted : user_pref("CT3184201.FeedTTL129238824209885830", 40);
Deleted : user_pref("CT3184201.FirstServerDate", "20-7-2012");
Deleted : user_pref("CT3184201.FirstTime", true);
Deleted : user_pref("CT3184201.FirstTimeFF3", true);
Deleted : user_pref("CT3184201.FirstTimeHiddenVer", true);
Deleted : user_pref("CT3184201.FixPageNotFoundErrors", false);
Deleted : user_pref("CT3184201.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3184201.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3184201.HPInstall", true);
Deleted : user_pref("CT3184201.HasUserGlobalKeys", true);
Deleted : user_pref("CT3184201.HomePageProtectorEnabled", false);
Deleted : user_pref("CT3184201.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3184201&SearchSource=[...]
Deleted : user_pref("CT3184201.Initialize", true);
Deleted : user_pref("CT3184201.InitializeCommonPrefs", true);
Deleted : user_pref("CT3184201.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT3184201.InstallationId", "ConduitNSISIntegration");
Deleted : user_pref("CT3184201.InstallationType", "ConduitNSISIntegration");
Deleted : user_pref("CT3184201.InstalledDate", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3184201.InvalidateCache", false);
Deleted : user_pref("CT3184201.IsAlertDBUpdated", true);
Deleted : user_pref("CT3184201.IsGrouping", false);
Deleted : user_pref("CT3184201.IsInitSetupIni", true);
Deleted : user_pref("CT3184201.IsMulticommunity", false);
Deleted : user_pref("CT3184201.IsOpenThankYouPage", false);
Deleted : user_pref("CT3184201.IsOpenUninstallPage", false);
Deleted : user_pref("CT3184201.IsProtectorsInit", true);
Deleted : user_pref("CT3184201.LanguagePackLastCheckTime", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT3184201.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3184201.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3184201.LastLogin_3.14.1.0", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3184201.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT3184201.Locale", "en");
Deleted : user_pref("CT3184201.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3184201.MCDetectTooltipShow", false);
Deleted : user_pref("CT3184201.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3184201.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3184201.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT3184201.OriginalFirstVersion", "3.14.1.0");
Deleted : user_pref("CT3184201.RadioIsPodcast", false);
Deleted : user_pref("CT3184201.RadioLastCheckTime", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3184201.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT3184201.RadioLastUpdateServer", "3");
Deleted : user_pref("CT3184201.RadioMediaID", "9962");
Deleted : user_pref("CT3184201.RadioMediaType", "Media Player");
Deleted : user_pref("CT3184201.RadioMenuSelectedID", "EBRadioMenu_CT31842019962");
Deleted : user_pref("CT3184201.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT3184201.RadioStationName", "California%20Rock");
Deleted : user_pref("CT3184201.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT3184201.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT3184201.SavedHomepage", "hxxp://www.cinoche.com/concours.html");
Deleted : user_pref("CT3184201.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT3184201.SearchCaption", "midicairus Customized Web Search");
Deleted : user_pref("CT3184201.SearchEngineBeforeUnload", "midicairus Customized Web Search");
Deleted : user_pref("CT3184201.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3184201.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT318[...]
Deleted : user_pref("CT3184201.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3184201.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3184201.SearchInNewTabLastCheckTime", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT3184201.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3184201.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT3184201.SearchProtectorEnabled", true);
Deleted : user_pref("CT3184201.SearchProtectorToolbarDisabled", true);
Deleted : user_pref("CT3184201.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3184201.ServiceMapLastCheckTime", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT3184201.SettingsLastCheckTime", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT3184201.SettingsLastUpdate", "1342354837");
Deleted : user_pref("CT3184201.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3184201&SearchSource=13");
Deleted : user_pref("CT3184201.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3184201.ThirdPartyComponentsLastCheck", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT3184201.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT3184201.ToolbarDisabled", true);
Deleted : user_pref("CT3184201.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3184201.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3184201");
Deleted : user_pref("CT3184201.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3184201.UserID", "UN33790472046470343");
Deleted : user_pref("CT3184201.WeatherNetwork", "");
Deleted : user_pref("CT3184201.WeatherPollDate", "Fri Jul 20 2012 07:47:18 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3184201.WeatherUnit", "C");
Deleted : user_pref("CT3184201.alertChannelId", "1594758");
Deleted : user_pref("CT3184201.approveUntrustedApps", false);
Deleted : user_pref("CT3184201.autoDisableScopes", -1);
Deleted : user_pref("CT3184201.backendstorage.c2p_iframe_md5", "6537663536626130396366633837326231393531333264[...]
Deleted : user_pref("CT3184201.backendstorage.cbcountry_001", "4341");
Deleted : user_pref("CT3184201.backendstorage.cbfirsttime", "546875204A756C20313920323031322032313A35333A31372[...]
Deleted : user_pref("CT3184201.backendstorage.installationdate14cd7187-6ab1-4fa7-a5ac-ddfa5773148a", "31333432[...]
Deleted : user_pref("CT3184201.backendstorage.shoppingapp.gk.exipres", "547565204A756C20323420323031322032313A[...]
Deleted : user_pref("CT3184201.backendstorage.shoppingapp.gk.geolocation", "63616E616461");
Deleted : user_pref("CT3184201.backendstorage.toolbarappheartbeat", "7B2231346364373138372D366162312D346661372[...]
Deleted : user_pref("CT3184201.backendstorage.toolbarnotificationheartbeat", "7B2274797065223A2268656172746265[...]
Deleted : user_pref("CT3184201.backendstorage.toolbarnotificationqueue", "5B7B22617070223A2231346364373138372D[...]
Deleted : user_pref("CT3184201.backendstorage.toolbarnotificationsettings", "7B2273656E644E6F74696669636174696[...]
Deleted : user_pref("CT3184201.backendstorage.toolbarnotificationuserid", "34313434313238373037");
Deleted : user_pref("CT3184201.components.1000034", false);
Deleted : user_pref("CT3184201.components.1000080", false);
Deleted : user_pref("CT3184201.components.1000082", false);
Deleted : user_pref("CT3184201.components.1000234", false);
Deleted : user_pref("CT3184201.components.129724205034145620", false);
Deleted : user_pref("CT3184201.components.129724205036020587", false);
Deleted : user_pref("CT3184201.components.129724205037114317", false);
Deleted : user_pref("CT3184201.components.129724205037270565", false);
Deleted : user_pref("CT3184201.components.129724205037426813", false);
Deleted : user_pref("CT3184201.components.129724205037739308", false);
Deleted : user_pref("CT3184201.components.129724205038051804", false);
Deleted : user_pref("CT3184201.components.129724205038520546", false);
Deleted : user_pref("CT3184201.components.129724205039301782", false);
Deleted : user_pref("CT3184201.components.129724205040551760", false);
Deleted : user_pref("CT3184201.components.129822632744715898", false);
Deleted : user_pref("CT3184201.components.1330956386000", false);
Deleted : user_pref("CT3184201.components.1958179879799928720", false);
Deleted : user_pref("CT3184201.components.4950963945127914423", false);
Deleted : user_pref("CT3184201.components.5342832749374672449", false);
Deleted : user_pref("CT3184201.components.6565815752657123216", false);
Deleted : user_pref("CT3184201.components.8446616961328789392", false);
Deleted : user_pref("CT3184201.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3184201.globalFirstTimeInfoLastCheckTime", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern [...]
Deleted : user_pref("CT3184201.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3184201.initDone", true);
Deleted : user_pref("CT3184201.isAppTrackingManagerOn", true);
Deleted : user_pref("CT3184201.isFirstRadioInstallation", false);
Deleted : user_pref("CT3184201.isSearchProtectorNotifyChanges", false);
Deleted : user_pref("CT3184201.myStuffEnabled", true);
Deleted : user_pref("CT3184201.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3184201.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3184201.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3184201.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3184201.navigateToUrlOnSearch", false);
Deleted : user_pref("CT3184201.revertSettingsEnabled", false);
Deleted : user_pref("CT3184201.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3184201.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3184201.testingCtid", "");
Deleted : user_pref("CT3184201.toolbarAppMetaDataLastCheckTime", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT3184201.toolbarContextMenuLastCheckTime", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT3184201.usageEnabled", false);
Deleted : user_pref("CT3184201.usagesFlag", 2);
Deleted : user_pref("CT3198785.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3198785.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3198785.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3198785.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3198785.FirstTime", "true");
Deleted : user_pref("CT3198785.FirstTimeFF3", "true");
Deleted : user_pref("CT3198785.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT319[...]
Deleted : user_pref("CT3198785.UserID", "UN40969759615022470");
Deleted : user_pref("CT3198785.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3198785.autoDisableScopes", -1);
Deleted : user_pref("CT3198785.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3198785.cbcountry_001", "CA");
Deleted : user_pref("CT3198785.cbfirsttime", "Fri Jul 20 2012 08:37:26 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3198785.defaultSearch", "true");
Deleted : user_pref("CT3198785.embeddedsData", "[{\"appId\":\"129761883813986480\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3198785.enableAlerts", "always");
Deleted : user_pref("CT3198785.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3198785.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3198785.first_time_search", "1");
Deleted : user_pref("CT3198785.fixPageNotFoundError", "true");
Deleted : user_pref("CT3198785.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3198785.fixUrls", true);
Deleted : user_pref("CT3198785.installId", "ConduitNSISIntegration");
Deleted : user_pref("CT3198785.installType", "ConduitNSISIntegration");
Deleted : user_pref("CT3198785.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3198785.isNewTabEnabled", true);
Deleted : user_pref("CT3198785.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3198785.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3198785.keyword", true);
Deleted : user_pref("CT3198785.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\" Ican’tuninstallthemidicairustoo[...]
Deleted : user_pref("CT3198785.openThankYouPage", "false");
Deleted : user_pref("CT3198785.openUninstallPage", "true");
Deleted : user_pref("CT3198785.search.searchAppId", "129761883813986480");
Deleted : user_pref("CT3198785.search.searchCount", "0");
Deleted : user_pref("CT3198785.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3198785.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3198785.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3198785.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3198785.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3198785.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3198785.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3198785.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3198785.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1342787844463");
Deleted : user_pref("CT3198785.serviceLayer_services_appTracking_lastUpdate", "1342787845443");
Deleted : user_pref("CT3198785.serviceLayer_services_appsMetadata_lastUpdate", "1342787844425");
Deleted : user_pref("CT3198785.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1342787844616");
Deleted : user_pref("CT3198785.serviceLayer_services_login_10.10.20.14_lastUpdate", "1342787845351");
Deleted : user_pref("CT3198785.serviceLayer_services_optimizer_lastUpdate", "1342787844920");
Deleted : user_pref("CT3198785.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1342787844638");
Deleted : user_pref("CT3198785.serviceLayer_services_searchAPI_lastUpdate", "1342787844207");
Deleted : user_pref("CT3198785.serviceLayer_services_serviceMap_lastUpdate", "1342787844085");
Deleted : user_pref("CT3198785.serviceLayer_services_toolbarContextMenu_lastUpdate", "1342787844594");
Deleted : user_pref("CT3198785.serviceLayer_services_toolbarSettings_lastUpdate", "1342787844166");
Deleted : user_pref("CT3198785.serviceLayer_services_translation_lastUpdate", "1342787844455");
Deleted : user_pref("CT3198785.settingsINI", true);
Deleted : user_pref("CT3198785.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3198785.smartbar.CTID", "CT3198785");
Deleted : user_pref("CT3198785.smartbar.Uninstall", "0");
Deleted : user_pref("CT3198785.smartbar.homepage", true);
Deleted : user_pref("CT3198785.smartbar.toolbarName", "WhiteSmoke US ");
Deleted : user_pref("CT3198785.toolbarBornServerTime", "20-7-2012");
Deleted : user_pref("CT3198785.toolbarCurrentServerTime", "20-7-2012");
Deleted : user_pref("CT3198785.toolbarDisabled", "true");
Deleted : user_pref("CT3198785.url_history0001", "hxxp://midicairus.greattoolbars.com/Support/:::clickhandler:[...]
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3184201&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "midicairus Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851639/CT2851639[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3184201/CT3184201[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3184201", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851639",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3184201",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"229[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"94c[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/15846407.xml", "\"3d36fae8fd045e032a3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16190898.xml", "\"0fb5a65e76c56a3f742[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16727535.xml", "\"ab5747e131316fa87e5[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17461978.xml", "\"81a741377008a8d8623[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/18676177.xml", "\"19d7dd0161dd903a41a[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19058681.xml", "\"62b1fc7bf1e0aa64f65[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19554706.xml", "\"7858ac99a8fe3bf33c6[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21324258.xml", "\"a08cf1ccad4190504d2[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21879024.xml", "\"2e3b9f6288c53981918[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2883841.xml", "\"d87f19d00afba49a29cf[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Fred\\AppData\\Roaming\\Mozilla\\Fi[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.searchqu.com/web?src=ffb&appi[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2851639,CT3184201");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2851639,CT3184201");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2851639,CT3184201");
Deleted : user_pref("CommunityToolbar.globalUserId", "95b919b6-20de-4ac5-8593-4273f7bebf1c");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Jul 20 2012 07:47:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jul 20 2012 07:47:17 GMT-0400 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "95581675-5f71-49e4-91e2-9c60dedba8fd");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.cinoche.com/concours.html");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Deleted : user_pref("CommunityToolbar.twitter.user_15846407.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400[...]
Deleted : user_pref("CommunityToolbar.twitter.user_16190898.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400[...]
Deleted : user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400[...]
Deleted : user_pref("CommunityToolbar.twitter.user_17461978.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400[...]
Deleted : user_pref("CommunityToolbar.twitter.user_18676177.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400[...]
Deleted : user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400[...]
Deleted : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400[...]
Deleted : user_pref("CommunityToolbar.twitter.user_21324258.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400[...]
Deleted : user_pref("CommunityToolbar.twitter.user_21879024.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400[...]
Deleted : user_pref("CommunityToolbar.twitter.user_2883841.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 [...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.searchqu.com/web?src=ffb&appid=102&sy[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3101810");
Deleted : user_pref("browser.search.defaultthis.engineName", "midicairus Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3184201&Sea[...]
Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "9651078d000000000000180373df3cec");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15675");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "irhnew");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110824&tt=4812_[...]
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.822:56:01");
Deleted : user_pref("extensions.Softonic.admin", false);
Deleted : user_pref("extensions.Softonic.aflt", "SD");
Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Deleted : user_pref("extensions.Softonic.cntry", "CA");
Deleted : user_pref("extensions.Softonic.cv", "cv5");
Deleted : user_pref("extensions.Softonic.dfltLng", "fr");
Deleted : user_pref("extensions.Softonic.dfltSrch", true);
Deleted : user_pref("extensions.Softonic.dfltlng", "fr");
Deleted : user_pref("extensions.Softonic.dfltsrch", true);
Deleted : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Deleted : user_pref("extensions.Softonic.dspOld", "Google");
Deleted : user_pref("extensions.Softonic.envrmnt", "production");
Deleted : user_pref("extensions.Softonic.excTlbr", false);
Deleted : user_pref("extensions.Softonic.hdrMd5", "B5F9D31495CB115494A35C915C62BAE1");
Deleted : user_pref("extensions.Softonic.hmpg", true);
Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00043/tb_v1?SearchSource=13&[...]
Deleted : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF00043/tb_v1?SearchSource=13&cc[...]
Deleted : user_pref("extensions.Softonic.hpOld", "hxxp://www.cyberpresse.ca/");
Deleted : user_pref("extensions.Softonic.hrdid", "9651078d000000000000180373df3cec");
Deleted : user_pref("extensions.Softonic.id", "9651078d000000000000180373df3cec");
Deleted : user_pref("extensions.Softonic.instlDay", "15674");
Deleted : user_pref("extensions.Softonic.instlRef", "INF00043");
Deleted : user_pref("extensions.Softonic.instlday", "15674");
Deleted : user_pref("extensions.Softonic.instlref", "INF00043");
Deleted : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Deleted : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF00043/tb_v1?SearchSource=[...]
Deleted : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/INF00043/tb_v1?SearchSource=[...]
Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.47:01:52");
Deleted : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Deleted : user_pref("extensions.Softonic.newTab", true);
Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00043/tb_v1?SearchSource=1[...]
Deleted : user_pref("extensions.Softonic.newtab", true);
Deleted : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/INF00043/tb_v1?SearchSource=1[...]
Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Deleted : user_pref("extensions.Softonic.prtnrid", "softonic");
Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Deleted : user_pref("extensions.Softonic.savedVrsnTs", "1");
Deleted : user_pref("extensions.Softonic.sg", "az");
Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Deleted : user_pref("extensions.Softonic.smplgrp", "none");
Deleted : user_pref("extensions.Softonic.srch", "");
Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Deleted : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Deleted : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00043/tb_v1?SearchSource[...]
Deleted : user_pref("extensions.Softonic.tlbrid", "BASEirobinhoodActive");
Deleted : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/INF00043/tb_v1?SearchSource[...]
Deleted : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Deleted : user_pref("extensions.Softonic.vrsnTs", "1.6.7.47:01:52");
Deleted : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Deleted : user_pref("extensions.Softonic.vrsnts", "1.6.7.47:01:52");
Deleted : user_pref("extensions.Softonic_i.dnsErr", true);
Deleted : user_pref("extensions.Softonic_i.hmpg", true);
Deleted : user_pref("extensions.Softonic_i.newTab", true);
Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");
Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.47:01:52");
Deleted : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\":[...]
Deleted : user_pref("extensions.enabledAddons", "%7B5D3F3872-91E9-4d59-AD9F-AA174A3145DD%7D:2.00,ffxtlbra%40so[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3101810&SearchSource=2&q=[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT310[...]

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Fri 07 Dec 2012, 3:38 pm

Profile name : default
File : C:\Users\Audrey\AppData\Roaming\Mozilla\Firefox\Profiles\40dpmmem.default\prefs.js

Deleted : user_pref("CT3196716..clientLogIsEnabled", false);
Deleted : user_pref("CT3196716..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3196716..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3196716.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3196716.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3196716.AppTrackingLastCheckTime", "Mon Aug 06 2012 23:56:52 GMT-0400 (Eastern Daylight[...]
Deleted : user_pref("CT3196716.BrowserCompStateIsOpen_129774122767598898", true);
Deleted : user_pref("CT3196716.BrowserCompStateIsOpen_3263554499264134319", true);
Deleted : user_pref("CT3196716.BrowserCompStateIsOpen_4711547172607932304", true);
Deleted : user_pref("CT3196716.CT3196716", "CT3196716");
Deleted : user_pref("CT3196716.CurrentServerDate", "11-9-2012");
Deleted : user_pref("CT3196716.DSInstall", false);
Deleted : user_pref("CT3196716.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3196716.DialogsGetterLastCheckTime", "Sun Sep 09 2012 09:06:13 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT3196716.DownloadReferralCookieData", "");
Deleted : user_pref("CT3196716.EMailNotifierPollDate", "Thu Jul 19 2012 21:55:59 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT3196716.ExternalComponentPollDate129755756828511878", "Sun Sep 09 2012 09:06:12 GMT-040[...]
Deleted : user_pref("CT3196716.ExternalComponentPollDate129757581393447276", "Sun Sep 09 2012 09:06:12 GMT-040[...]
Deleted : user_pref("CT3196716.ExternalComponentPollDate129844886196746599", "Thu Jul 19 2012 21:47:15 GMT-040[...]
Deleted : user_pref("CT3196716.ExternalComponentPollDate129844886197059098", "Sun Aug 05 2012 23:15:50 GMT-040[...]
Deleted : user_pref("CT3196716.FirstServerDate", "20-7-2012");
Deleted : user_pref("CT3196716.FirstTime", true);
Deleted : user_pref("CT3196716.FirstTimeFF3", true);
Deleted : user_pref("CT3196716.FirstTimeHiddenVer", true);
Deleted : user_pref("CT3196716.FixPageNotFoundErrors", true);
Deleted : user_pref("CT3196716.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3196716.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3196716.HPInstall", false);
Deleted : user_pref("CT3196716.HasUserGlobalKeys", true);
Deleted : user_pref("CT3196716.HomePageProtectorEnabled", false);
Deleted : user_pref("CT3196716.HomepageBeforeUnload", "hxxp://g.msn.com/USCON/23");
Deleted : user_pref("CT3196716.Initialize", true);
Deleted : user_pref("CT3196716.InitializeCommonPrefs", true);
Deleted : user_pref("CT3196716.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT3196716.InstallationType", "Unknown");
Deleted : user_pref("CT3196716.InstalledDate", "Thu Jul 19 2012 21:47:16 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3196716.InvalidateCache", false);
Deleted : user_pref("CT3196716.IsAlertDBUpdated", true);
Deleted : user_pref("CT3196716.IsGrouping", false);
Deleted : user_pref("CT3196716.IsInitSetupIni", true);
Deleted : user_pref("CT3196716.IsMulticommunity", false);
Deleted : user_pref("CT3196716.IsOpenThankYouPage", true);
Deleted : user_pref("CT3196716.IsOpenUninstallPage", true);
Deleted : user_pref("CT3196716.IsProtectorsInit", true);
Deleted : user_pref("CT3196716.LanguagePackLastCheckTime", "Mon Sep 10 2012 17:48:23 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT3196716.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3196716.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3196716.LastLogin_3.14.1.0", "Tue Sep 11 2012 07:59:41 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3196716.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT3196716.Locale", "en");
Deleted : user_pref("CT3196716.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3196716.MCDetectTooltipShow", false);
Deleted : user_pref("CT3196716.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3196716.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3196716.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT3196716.OriginalFirstVersion", "3.14.1.0");
Deleted : user_pref("CT3196716.RadioIsPodcast", false);
Deleted : user_pref("CT3196716.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT3196716.RadioLastUpdateServer", "3");
Deleted : user_pref("CT3196716.RadioMediaID", "9962");
Deleted : user_pref("CT3196716.RadioMediaType", "Media Player");
Deleted : user_pref("CT3196716.RadioMenuSelectedID", "EBRadioMenu_CT31967169962");
Deleted : user_pref("CT3196716.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT3196716.RadioStationName", "California%20Rock");
Deleted : user_pref("CT3196716.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT3196716.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT3196716.SearchCaption", "WiseConvert Customized Web Search");
Deleted : user_pref("CT3196716.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Deleted : user_pref("CT3196716.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3196716.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT323[...]
Deleted : user_pref("CT3196716.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3196716.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3196716.SearchInNewTabLastCheckTime", "Mon Sep 10 2012 17:48:23 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT3196716.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3196716.SearchProtectorEnabled", false);
Deleted : user_pref("CT3196716.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT3196716.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3196716.ServiceMapLastCheckTime", "Mon Sep 10 2012 17:48:23 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT3196716.SettingsLastCheckTime", "Tue Sep 11 2012 07:59:41 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT3196716.SettingsLastUpdate", "1347263642");
Deleted : user_pref("CT3196716.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3230028&SearchSource=13");
Deleted : user_pref("CT3196716.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3196716.ThirdPartyComponentsLastCheck", "Tue Sep 04 2012 18:47:55 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT3196716.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT3196716.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3196716.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3196716");
Deleted : user_pref("CT3196716.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3196716.UserID", "UN16838289803665133");
Deleted : user_pref("CT3196716.ValidationData_Search", 2);
Deleted : user_pref("CT3196716.ValidationData_Toolbar", 2);
Deleted : user_pref("CT3196716.WeatherNetwork", "");
Deleted : user_pref("CT3196716.WeatherPollDate", "Thu Jul 19 2012 21:47:15 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3196716.WeatherUnit", "C");
Deleted : user_pref("CT3196716.alertChannelId", "1613210");
Deleted : user_pref("CT3196716.approveUntrustedApps", false);
Deleted : user_pref("CT3196716.backendstorage.cb_experience_000", "3132");
Deleted : user_pref("CT3196716.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT3196716.backendstorage.cb_user_id_000", "43423334383939303631363639395F46697265666F78")[...]
Deleted : user_pref("CT3196716.backendstorage.cbcountry_001", "4341");
Deleted : user_pref("CT3196716.backendstorage.cbfirsttime", "546875204A756C20313920323031322032313A34373A32392[...]
Deleted : user_pref("CT3196716.backendstorage.event_data", "253542253544");
Deleted : user_pref("CT3196716.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT3196716.backendstorage.facebook_user_locale", "6672");
Deleted : user_pref("CT3196716.backendstorage.fired_events", "");
Deleted : user_pref("CT3196716.backendstorage.key_date", "3131");
Deleted : user_pref("CT3196716.backendstorage.shoppingapp.gk.exipres", "5361742053657020313520323031322030383A[...]
Deleted : user_pref("CT3196716.backendstorage.shoppingapp.gk.geolocation", "63616E616461");
Deleted : user_pref("CT3196716.backendstorage.url_history0001", "687474703A2F2F7777772E67617063616E6164612E636[...]
Deleted : user_pref("CT3196716.components.1000034", false);
Deleted : user_pref("CT3196716.components.1000082", false);
Deleted : user_pref("CT3196716.components.1000234", false);
Deleted : user_pref("CT3196716.components.129844886196746599", false);
Deleted : user_pref("CT3196716.components.129844886198309094", false);
Deleted : user_pref("CT3196716.components.129844886198621593", false);
Deleted : user_pref("CT3196716.components.129844886198934093", false);
Deleted : user_pref("CT3196716.components.129844886199559091", false);
Deleted : user_pref("CT3196716.components.3263554499264134319", false);
Deleted : user_pref("CT3196716.components.4711547172607932304", false);
Deleted : user_pref("CT3196716.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3196716.globalFirstTimeInfoLastCheckTime", "Tue Sep 04 2012 18:47:56 GMT-0400 (Eastern [...]
Deleted : user_pref("CT3196716.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3196716.initDone", true);
Deleted : user_pref("CT3196716.isAppTrackingManagerOn", false);
Deleted : user_pref("CT3196716.isFirstRadioInstallation", false);
Deleted : user_pref("CT3196716.isRevertToBase", true);
Deleted : user_pref("CT3196716.myStuffEnabled", true);
Deleted : user_pref("CT3196716.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3196716.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3196716.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3196716.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3196716.navigateToUrlOnSearch", false);
Deleted : user_pref("CT3196716.oldAppsList", "129755756823355459,129755756826636815,111,129757581393447276,129[...]
Deleted : user_pref("CT3196716.revertSettingsEnabled", false);
Deleted : user_pref("CT3196716.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3196716.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3196716.testingCtid", "CT3230028");
Deleted : user_pref("CT3196716.toolbarAppMetaDataLastCheckTime", "Mon Sep 10 2012 17:48:23 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT3196716.toolbarContextMenuLastCheckTime", "Fri Aug 31 2012 19:08:35 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT3196716.usagesFlag", 2);
Deleted : user_pref("CT3230028.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3196716/CT3196716[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3230028/CT3230028[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1667895/1660359/CA", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3196716", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3230028", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3196716",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3230028",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"05b[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Audrey\\AppData\\Roaming\\Mozilla\\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://facebook.conduitapps.com/v3.13/gadget.html", [...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3196716");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3196716");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3196716");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jul 19 2012 22:03:30 GMT-0400 (Eas[...]
Deleted : user_pref("CommunityToolbar.globalUserId", "8a1890e4-6e06-4fff-9786-bb8f20ce1509");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Sep 09 2012 09:06:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Jul 19 2012 21:47:24 GMT-040[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Sep 10 2012 17:48:23 GMT-0400 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "b268e0ee-a1d5-4601-aac0-5e3153b67d1e");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://g.msn.com/USCON/23");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]

*************************

AdwCleaner[S1].txt - [75085 octets] - [06/12/2012 23:19:50]

########## EOF - C:\AdwCleaner[S1].txt - [75146 octets] ##########

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Fri 07 Dec 2012, 5:53 pm

Hi there!

ComboFix scan

Please download ComboFix by sUBs
From BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix


After the download:

  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name
ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Fri 07 Dec 2012, 10:08 pm

ComboFix 12-12-04.01 - Fred 2012-12-07 5:55.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.12270.7721 [GMT -5:00]
Lancé depuis: c:\users\Fred\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\016060e8-e1de-4d82-bd11-b667007b1f12.dll
c:\programdata\PCDr\6032\AddOnDownloaded\111e1115-314f-4404-be4a-ad58e8e2423d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\1b075935-6b9c-41c2-8914-643bfe886db8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\1d151f53-1500-414d-85b4-ab85d24f0785.dll
c:\programdata\PCDr\6032\AddOnDownloaded\21eb1c2f-b0d8-40e6-96dd-163437759b68.dll
c:\programdata\PCDr\6032\AddOnDownloaded\2390e056-e2db-44ed-91a5-5ca43aefea83.dll
c:\programdata\PCDr\6032\AddOnDownloaded\2f733848-355c-4a6f-89a5-08a4dcc89c5c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\35445406-e7ed-4a0e-9922-45505e71594b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\358ba71b-117f-40d5-95aa-57de622719b7.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3d656744-60b2-4576-8124-a39729f8b522.dll
c:\programdata\PCDr\6032\AddOnDownloaded\406007ac-5ba8-43e6-97b6-0c6ed58bb6e8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\468d25c7-baa8-4db4-a17f-ceac895a9bc8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\489f121a-4538-4839-9d1d-3c48e590be59.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4cfdf1e7-d0b2-449c-bd2d-084cd975e5d8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4f1c58d6-ca02-4906-b156-709481baca61.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4f64943e-d62a-4f2e-a3cd-98fb91e30469.dll
c:\programdata\PCDr\6032\AddOnDownloaded\59bb1a7b-2122-4c71-82b0-30bee96f063e.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7119bf4b-d404-4b31-8779-44fac71761fa.dll
c:\programdata\PCDr\6032\AddOnDownloaded\72f0dc20-5af7-4221-9657-442597ce030b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\73a14ca6-4567-413f-a60f-d04159cb72eb.dll
c:\programdata\PCDr\6032\AddOnDownloaded\75c8751b-fcad-4846-80ce-3a2efec60612.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7779c9df-2dc0-4fd5-92bb-c64027285f8b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7873d595-5f4a-443e-b464-7a2503a87d74.dll
c:\programdata\PCDr\6032\AddOnDownloaded\788ad19e-7745-402f-a5a5-20d2ab8b5f1b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8a7e779d-1e14-4f91-a1b0-82dc746441b1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\9881c561-a45a-4c53-9d45-de93a99e2898.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b72409f9-df97-4592-bbfd-fff1ce0a9559.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ba58cab8-833c-4868-95e2-cff538a852a7.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bbd4d2b0-9dc6-46d0-a352-dbcd92f63c4d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\cb7af81b-44d9-4f99-b223-18a71e8c85b6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d220b53c-6a3c-4b5d-8797-965d39e82fff.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d3ef65ec-842a-4640-b428-aca2f4a966e6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d78fa15b-2d61-4303-adaa-edec9ebbb2b3.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e16f2788-babe-4a60-93d0-d507a5228753.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ff24953d-0c6e-4af9-a727-84ce58c99035.dll
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{08365F33-1BEE-4556-BA82-64408B15683B}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{19F9F246-98E3-4677-8AC7-4507B7D1EC34}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{1AB2565D-D719-456C-B406-014A2A44C554}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{2E15A563-9C6D-419F-8633-93FB4640F161}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{32859463-6CA9-4B93-8A75-D4686C082914}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{33C84FC4-3753-49B2-9CC1-8D491CF285CA}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{754EF63F-E044-4FC5-A8F1-C2372D308619}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{768650EB-70DF-44F4-A4DF-FE91E9AF986F}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{78F3ECE6-A5AC-4A0F-99CE-0297170453D7}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{889642EB-D7A6-401A-8990-5E8A8431E90C}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{8D7EF96F-6969-4990-8BDC-19CB8A085F2D}.xps
c:\users\Audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\{BA446261-0690-4880-B3CD-91ED3368C2EF}.xps
c:\users\Fred\AppData\Roaming\Fredlog.dat
c:\users\Fred\AppData\Roaming\install\server.exe
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-11-07 au 2012-12-07 ))))))))))))))))))))))))))))))))))))
.
.
2012-12-07 11:00 . 2012-12-07 11:00 -------- d-----w- c:\users\Mcx1-FRED-PC\AppData\Local\temp
2012-12-07 11:00 . 2012-12-07 11:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-07 04:02 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E2955EF6-5798-413B-A61B-03E040C5ADC6}\mpengine.dll
2012-12-06 00:45 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-01 03:55 . 2012-12-01 03:55 -------- d-----w- c:\users\Audrey\PDFCreator
2012-11-28 02:46 . 2012-11-28 02:45 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A494BC1-08A7-410D-9781-E59E3C32DD41}\gapaengine.dll
2012-11-16 08:07 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 08:07 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 08:07 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-16 08:07 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 08:02 . 2012-10-08 11:31 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-16 08:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 08:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 08:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 08:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 08:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 08:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-16 08:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-16 02:29 . 2012-11-16 02:29 -------- d-----w- C:\Maison
2012-11-15 11:29 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-15 11:29 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-15 11:29 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-15 11:29 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 11:49 . 2012-04-02 10:30 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-16 11:49 . 2011-09-29 00:45 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-16 08:01 . 2011-10-05 02:12 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-28 12:02 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 12:02 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 12:02 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-03 02:40 . 2012-02-10 11:44 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-24 19:32 . 2012-08-17 20:04 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-24 19:32 . 2011-09-29 00:51 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-19 14:02 . 2012-09-19 14:02 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-09-19 14:02 . 2012-09-19 14:02 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-09-14 19:19 . 2012-10-10 07:05 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 07:05 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-31 964024]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-09 2676584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2010-03-10 237568]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-05 336384]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"Garmin Lifetime Updater"="c:\program files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-05-23 1466760]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-02 285072]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-08-31 3524536]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 cpuz130;cpuz130;c:\users\Fred\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
R3 flashusb;flashusb;c:\windows\system32\DRIVERS\flashusb.sys [2012-02-27 19968]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0;PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-08-17 25584]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-05 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-20 203776]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2011-07-27 14952]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-12-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 11:49]
.
2012-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 01:25]
.
2012-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 01:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-23 10920552]
"RunDLLEntry_THXCfg"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"RunDLLEntry_EptMon"="c:\windows\system32\EptMon64.dll" [2009-10-15 21504]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152]
"LogiScrollApp"="c:\program files\Logitech\ScrollApp\KhalScroll.exe" [2011-09-16 50456]
"VX3000"="c:\windows\vVX3000.exe" [2010-05-20 762736]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = [You must be registered and logged in to see this link.]
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-24 12:22; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - (no file)
URLSearchHooks-{efb1e45a-148d-40f9-a3f0-09d5577f9970} - (no file)
BHO-{7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\Fred\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
Wow6432Node-HKLM-Run- - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{EFB1E45A-148D-40F9-A3F0-09D5577F9970} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020200}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-12-07 06:02:43
ComboFix-quarantined-files.txt 2012-12-07 11:02
.
Avant-CF: 789 673 279 488 bytes free
Après-CF: 790 927 093 760 bytes free
.
- - End Of File - - DA248F80ADCBA86B4C839766F59C1A9B

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Fri 07 Dec 2012, 10:12 pm

ESET Online Scan

Please run a free online scan with the ESET Online Scanner

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so an install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
  • 1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
  • 2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.



DDS Scanning

Please download DDS by sUBs from BleepingComputer.com or Forospyware.com and save it to your Desktop.

Note: Before scanning, make sure all other running programs are closed. There shouldn't be any scheduled antivirus scans running while the scan is being performed. Do not use your computer for anything else during the scan.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click Yes to the Optional_Scan
  • Please follow the instructions that pop up for posting the results. Post only the contents of both logs.
  • Close the program window, and delete the program from your Desktop.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Sun 09 Dec 2012, 5:14 am

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 1.6.0_37
Run by Fred at 13:12:14 on 2012-12-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.12270.7530 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Program Files\Microsoft Security Client\msseces.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = [You must be registered and logged in to see this link.]
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: WinZip Courier BHO: {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Logitech Scroll App: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\32-bit\LogiSmooth.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN221AS62B05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
mRun: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{2E9762D9-BC57-4F52-A351-758BF49E89BA} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: Logitech Scroll App: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\LogiSmooth.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [LogiScrollApp] C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
x64-Run: [VX3000] C:\Windows\vVX3000.exe
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck -
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll
FF - plugin: C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-10-24 12:22; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-9-28 55856]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 203776]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-9-28 13336]
R2 iPodDrv;iPodDrv;C:\Windows\System32\drivers\iPodDrv.sys [2011-7-27 14952]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
R2 SamsungAllShareV2.0;Samsung AllShare PC;C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-3-2 25504]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-9-28 1692480]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-9-28 115216]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-9-28 317440]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-9-28 406056]
R3 LgBttPort;LGE Bluetooth TransPort;C:\Windows\System32\drivers\lgbtpt64.sys [2009-9-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator;C:\Windows\System32\drivers\lgbtbs64.sys [2009-9-29 14848]
R3 LGVMODEM;LGE Virtual Modem;C:\Windows\System32\drivers\lgvmdm64.sys [2009-9-29 17408]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-19 102368]
S3 flashusb;flashusb;C:\Windows\System32\drivers\flashusb.sys [2012-6-17 19968]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-27 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-9-28 158976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-28 19456]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 SimpleSlideShowServer;SimpleSlideShowServer;C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-3-2 27584]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-9-19 203104]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-28 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-28 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-4 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-12-08 04:57:35 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A923905D-0BE9-4EBA-B4E7-A9DCC6094BD4}\mpengine.dll
2012-12-07 11:17:12 -------- d-----w- C:\Program Files (x86)\ESET
2012-12-07 11:11:38 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-07 11:10:15 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-07 10:55:11 98816 ----a-w- C:\Windows\sed.exe
2012-12-07 10:55:11 256000 ----a-w- C:\Windows\PEV.exe
2012-12-07 10:55:11 208896 ----a-w- C:\Windows\MBR.exe
2012-12-07 10:55:05 -------- d-----w- C:\ComboFix
2012-12-06 00:49:56 -------- d-----w- C:\Users\Fred\AppData\Local\{522E44C7-52DA-4820-B8F1-404DAC3AE347}
2012-12-05 12:49:45 -------- d-----w- C:\Users\Fred\AppData\Local\{688F0AAB-1D6C-4972-BB23-46376B5AEF20}
2012-12-05 00:49:33 -------- d-----w- C:\Users\Fred\AppData\Local\{9321EE22-236D-435D-9866-F7B17683301B}
2012-12-04 12:49:22 -------- d-----w- C:\Users\Fred\AppData\Local\{1B232E20-B358-4850-A596-7D5116D4143A}
2012-12-04 00:49:10 -------- d-----w- C:\Users\Fred\AppData\Local\{4550AE31-4A34-4559-B46C-7E9668FF5413}
2012-11-29 11:51:14 -------- d-----w- C:\Users\Fred\AppData\Local\{8DCE6C80-586A-4303-B167-2BABCDBFF7C3}
2012-11-28 22:51:51 -------- d-----w- C:\Users\Fred\AppData\Local\{EF03C883-4383-47F7-AA8F-17F8A16E6C8C}
2012-11-28 02:46:08 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A494BC1-08A7-410D-9781-E59E3C32DD41}\gapaengine.dll
2012-11-27 11:28:15 -------- d-----w- C:\Users\Fred\AppData\Local\{69C74528-951F-409D-BBDB-5CC7BE11E136}
2012-11-26 23:28:03 -------- d-----w- C:\Users\Fred\AppData\Local\{5DC5DD9E-6D45-47A4-A782-C09F02305C45}
2012-11-26 11:27:52 -------- d-----w- C:\Users\Fred\AppData\Local\{F798FA9F-A1E1-4CAA-93FC-2059785792E0}
2012-11-25 23:27:40 -------- d-----w- C:\Users\Fred\AppData\Local\{6004F810-2FDE-445F-A986-249472A1A3C5}
2012-11-25 11:27:29 -------- d-----w- C:\Users\Fred\AppData\Local\{A37C8C8E-DEA7-4F4F-AD5C-8241DAB73615}
2012-11-24 10:36:13 -------- d-----w- C:\Users\Fred\AppData\Local\{BD0C3399-E75C-426F-9876-8E4E421BFFD6}
2012-11-23 15:02:49 -------- d-----w- C:\Users\Fred\AppData\Local\{7797536C-7FA8-41E4-9ECD-5A1398771772}
2012-11-23 03:02:37 -------- d-----w- C:\Users\Fred\AppData\Local\{8B312F4D-E195-40B5-8301-90F6C6D4754D}
2012-11-22 15:02:26 -------- d-----w- C:\Users\Fred\AppData\Local\{0434125E-8684-46F7-AA1E-A741E46CA01E}
2012-11-22 03:02:14 -------- d-----w- C:\Users\Fred\AppData\Local\{349E8A81-F39E-46C0-A80A-8AB203F3A59B}
2012-11-21 15:02:03 -------- d-----w- C:\Users\Fred\AppData\Local\{3376DEF1-21DD-497C-8FDA-836C29B67184}
2012-11-21 03:01:51 -------- d-----w- C:\Users\Fred\AppData\Local\{3D6D3F47-269D-4D48-A17C-32C351DB412A}
2012-11-20 15:01:39 -------- d-----w- C:\Users\Fred\AppData\Local\{DE6C860E-C039-4564-8396-A69DE8CC0139}
2012-11-20 03:01:28 -------- d-----w- C:\Users\Fred\AppData\Local\{977C8766-91CF-421E-9256-6F846DB31C16}
2012-11-19 15:01:16 -------- d-----w- C:\Users\Fred\AppData\Local\{067AB4BA-8AAA-4F1A-831D-C4513F73F535}
2012-11-19 03:01:05 -------- d-----w- C:\Users\Fred\AppData\Local\{BBD20644-D616-46B5-ADA8-567768F40B41}
2012-11-18 15:05:07 -------- d-----w- C:\Users\Fred\AppData\Local\{146ACDAB-C24B-4FCD-883B-79490C878E24}
2012-11-18 15:01:17 -------- d-----w- C:\Users\Fred\AppData\Local\{E18A41A4-37BD-495A-95D2-B91DC02AD88D}
2012-11-18 03:01:05 -------- d-----w- C:\Users\Fred\AppData\Local\{86F14206-34B1-477A-A84C-76AC642D179F}
2012-11-16 08:07:22 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-16 08:07:22 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-16 08:07:22 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-16 08:07:22 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-16 08:01:28 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-16 08:01:28 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-16 08:01:27 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-16 08:01:27 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 08:01:27 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-16 08:01:26 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-16 08:01:26 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-16 02:29:29 -------- d-----w- C:\Maison
2012-11-16 02:07:39 -------- d-----w- C:\Users\Fred\AppData\Local\{05A511F5-DC6C-4D9C-8C12-11D77EC41F34}
2012-11-15 11:29:00 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-11-15 11:29:00 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-11-15 11:29:00 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-11-15 11:29:00 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-11-15 02:27:41 -------- d-----w- C:\Users\Fred\AppData\Local\{FB9F0460-550F-4D9C-8C22-8F695C08113A}
2012-11-14 11:57:07 -------- d-----w- C:\Users\Fred\AppData\Local\{10EBFA24-1F71-48A4-81EA-61D7FC646C99}
2012-11-13 23:36:30 -------- d-----w- C:\Users\Fred\AppData\Local\{1CA70FB6-16EC-4854-BDE9-DE2D9E3B5E1A}
2012-11-12 12:58:06 -------- d-----w- C:\Users\Fred\AppData\Local\{D32266FB-3DBA-4D96-859A-BE5E484F4FF1}
2012-11-11 15:24:20 -------- d-----w- C:\Users\Fred\AppData\Local\{A1E8378F-DE93-4216-A5C8-F1DC0F349328}
2012-11-10 12:52:27 -------- d-----w- C:\Users\Fred\AppData\Local\{5F69EE92-FCF8-47B0-9FEA-3C6EE0525420}
2012-11-10 00:52:16 -------- d-----w- C:\Users\Fred\AppData\Local\{D272D964-7579-48B2-A7A9-3DD53EFF2FFE}
2012-11-09 12:52:05 -------- d-----w- C:\Users\Fred\AppData\Local\{60634D4D-8882-4329-AC60-6CC6C0FA998D}
2012-11-09 00:48:58 -------- d-----w- C:\Users\Fred\AppData\Local\{84C840F3-2934-4D8C-BB50-21C6A8F3B105}
.
==================== Find3M ====================
.
2012-11-16 11:49:19 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-16 11:49:19 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-24 19:32:24 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-09-24 19:32:20 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-19 14:02:08 102368 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2012-09-19 14:02:06 203104 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 13:12:28,53 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2011-10-04 20:20:37
System Uptime: 2012-12-08 05:26:52 (8 hours ago)
.
Motherboard: Dell Inc. | | 0Y2MRG
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 918 GiB total, 735,721 GiB free.
D: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
L: is Removable
M: is Removable
N: is Removable
O: is FIXED (FAT32) - 49 GiB total, 7,859 GiB free.
P: is FIXED (NTFS) - 883 GiB total, 620,205 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP223: 2012-12-01 17:16:40 - Windows Update
RP224: 2012-12-04 17:51:26 - Windows Update
RP225: 2012-12-06 22:56:19 - Removed Bonjour
RP226: 2012-12-06 22:58:32 - Removed Bonjour
RP227: 2012-12-06 22:59:22 - Removed Apple Application Support
RP228: 2012-12-06 23:00:05 - Removed Apple Mobile Device Support
RP229: 2012-12-06 23:00:24 - Removed Apple Mobile Device Support
RP230: 2012-12-06 23:01:09 - Removed Apple Software Update
RP231: 2012-12-06 23:07:50 - OTL Restore Point - 12/6/2012 11:07:50 PM
RP232: 2012-12-06 23:39:59 - Removed iTunes
RP233: 2012-12-07 23:57:07 - Windows Update
.
==== Installed Programs ======================
.
3DMark06
4Media MP4 to MP3 Converter 6
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4) MUI
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
µTorrent
Burn4Free DVD Burning 6.0.0.0
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Citrix Online Plug-in (DV)
Citrix Online Plug-in (HDX)
Citrix Online Plug-in (Web)
Complément Messenger
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Cozi
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Edoc Viewer
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell Support Center
Dell VideoStage
DirectX 9 Runtime
doubleTwist
DVD-Cloner V9.60 Build 1113
eReg
ffdshow v1.2.4422 [2012-04-09]
Futuremark SystemInfo
Galerie de photos Windows Live
Garmin Lifetime Updater
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Google Earth
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP FWUpdateEDO2
HP Officejet Pro 8600 Basic Device Software
HP Officejet Pro 8600 Help
HP Officejet Pro 8600 Product Improvement Study
HP Update
I.R.I.S. OCR
ImpotExpert 2011
ImpotExpert Updater 2011
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 24 (64-bit)
Java(TM) 6 Update 37
Junk Mail filter update
LG Bluetooth Drivers
LG United Mobile Drivers
Logitech Harmony Remote Software 7
Logitech Scroll App 2.0
Logitech SetPoint 6.30
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware Service FR-FR Language Pack
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Client FR-FR Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 17.0.1 (x86 fr)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML4SP2
Multimedia Card Reader
MyFreeCodec
PhotoShowExpress
RBVirtualFolder64Inst
Realtek High Definition Audio Driver
Remote Control USB Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Samsung AllShare
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Skype Click to Call
Skype™ 5.10
Sonic CinePlayer Decoder Pack
THX TruStudio PC
Unified Remote
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinZip 16.0
WinZip Courier
.
==== Event Viewer Messages From Past Week ========
.
2012-12-08 13:09:17, Error: srv [2017] - The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.
2012-12-08 12:05:56, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
2012-12-07 16:50:47, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
2012-12-07 06:01:18, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
2012-12-07 06:00:10, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
2012-12-07 05:54:51, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
2012-12-06 23:00:18, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-12-01 04:38:55, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000116 (0xfffffa800a4d54e0, 0xfffff88004ac245c, 0x0000000000000000, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120112-25318-01.
2012-12-01 04:32:38, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000116 (0xfffffa800fa344e0, 0xfffff880046d545c, 0x0000000000000000, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120112-22573-01.
.
==== End Of File ===========================

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Sun 09 Dec 2012, 6:02 am

Please remove this old Java version: Java(TM) 6 Update 24 (64-bit)




ComboFix Script


  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the codebox below into it:
    ClearJavaCache::

    DDS::
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
    x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]

    Firefox::
    FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
    FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
    FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
  • Save this as CFScript.txt, in the same location as ComboFix.exe

  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.



Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Warning! Once the scan is complete JRT will shut down your browser with NO warning.

  • Shut down your protection software now to avoid potential conflicts.
  • Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Copy and Paste the JRT.txt log into your next message.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Sun 09 Dec 2012, 6:57 am

ComboFix 12-12-07.01 - Fred 2012-12-08 14:51:49.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.12270.7589 [GMT -5:00]
Lancé depuis: c:\users\Fred\Downloads\ComboFix.exe
Commutateurs utilisés :: c:\users\Fred\Downloads\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\016060e8-e1de-4d82-bd11-b667007b1f12.dll
c:\programdata\PCDr\6032\AddOnDownloaded\111e1115-314f-4404-be4a-ad58e8e2423d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\1b075935-6b9c-41c2-8914-643bfe886db8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\1d151f53-1500-414d-85b4-ab85d24f0785.dll
c:\programdata\PCDr\6032\AddOnDownloaded\21eb1c2f-b0d8-40e6-96dd-163437759b68.dll
c:\programdata\PCDr\6032\AddOnDownloaded\2390e056-e2db-44ed-91a5-5ca43aefea83.dll
c:\programdata\PCDr\6032\AddOnDownloaded\2f733848-355c-4a6f-89a5-08a4dcc89c5c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\35445406-e7ed-4a0e-9922-45505e71594b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\358ba71b-117f-40d5-95aa-57de622719b7.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3d656744-60b2-4576-8124-a39729f8b522.dll
c:\programdata\PCDr\6032\AddOnDownloaded\406007ac-5ba8-43e6-97b6-0c6ed58bb6e8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\468d25c7-baa8-4db4-a17f-ceac895a9bc8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\489f121a-4538-4839-9d1d-3c48e590be59.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4cfdf1e7-d0b2-449c-bd2d-084cd975e5d8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4f1c58d6-ca02-4906-b156-709481baca61.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4f64943e-d62a-4f2e-a3cd-98fb91e30469.dll
c:\programdata\PCDr\6032\AddOnDownloaded\59bb1a7b-2122-4c71-82b0-30bee96f063e.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7119bf4b-d404-4b31-8779-44fac71761fa.dll
c:\programdata\PCDr\6032\AddOnDownloaded\72f0dc20-5af7-4221-9657-442597ce030b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\73a14ca6-4567-413f-a60f-d04159cb72eb.dll
c:\programdata\PCDr\6032\AddOnDownloaded\75c8751b-fcad-4846-80ce-3a2efec60612.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7779c9df-2dc0-4fd5-92bb-c64027285f8b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\788ad19e-7745-402f-a5a5-20d2ab8b5f1b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8a7e779d-1e14-4f91-a1b0-82dc746441b1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\9881c561-a45a-4c53-9d45-de93a99e2898.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b72409f9-df97-4592-bbfd-fff1ce0a9559.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ba58cab8-833c-4868-95e2-cff538a852a7.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bbd4d2b0-9dc6-46d0-a352-dbcd92f63c4d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\cb7af81b-44d9-4f99-b223-18a71e8c85b6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d220b53c-6a3c-4b5d-8797-965d39e82fff.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d3ef65ec-842a-4640-b428-aca2f4a966e6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d78fa15b-2d61-4303-adaa-edec9ebbb2b3.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e16f2788-babe-4a60-93d0-d507a5228753.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ff24953d-0c6e-4af9-a727-84ce58c99035.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-11-08 au 2012-12-08 ))))))))))))))))))))))))))))))))))))
.
.
2012-12-08 19:55 . 2012-12-08 19:55 -------- d-----w- c:\users\Mcx1-FRED-PC\AppData\Local\temp
2012-12-08 19:55 . 2012-12-08 19:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-08 19:55 . 2012-12-08 19:55 -------- d-----w- c:\users\Audrey\AppData\Local\temp
2012-12-08 04:57 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A923905D-0BE9-4EBA-B4E7-A9DCC6094BD4}\mpengine.dll
2012-12-07 11:17 . 2012-12-07 11:17 -------- d-----w- c:\program files (x86)\ESET
2012-12-07 11:11 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-01 03:55 . 2012-12-07 22:18 -------- d-----w- c:\users\Audrey\PDFCreator
2012-11-28 02:46 . 2012-11-28 02:45 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A494BC1-08A7-410D-9781-E59E3C32DD41}\gapaengine.dll
2012-11-16 08:07 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 08:07 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 08:07 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-16 08:07 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 08:02 . 2012-10-08 11:31 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-16 08:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 08:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 08:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 08:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 08:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 08:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-16 08:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-16 02:29 . 2012-11-16 02:29 -------- d-----w- C:\Maison
2012-11-15 11:29 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-15 11:29 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-15 11:29 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-15 11:29 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 11:49 . 2012-04-02 10:30 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-16 11:49 . 2011-09-29 00:45 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-16 08:01 . 2011-10-05 02:12 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-28 12:02 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 12:02 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 12:02 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-03 02:40 . 2012-02-10 11:44 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-24 19:32 . 2012-08-17 20:04 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-24 19:32 . 2011-09-29 00:51 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-19 14:02 . 2012-09-19 14:02 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-09-19 14:02 . 2012-09-19 14:02 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-09-14 19:19 . 2012-10-10 07:05 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 07:05 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
c:\users\Fred\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-31 964024]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-09 2676584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2010-03-10 237568]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-05 336384]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"Garmin Lifetime Updater"="c:\program files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-05-23 1466760]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-02 285072]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-08-31 3524536]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 cpuz130;cpuz130;c:\users\Fred\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
R3 flashusb;flashusb;c:\windows\system32\DRIVERS\flashusb.sys [2012-02-27 19968]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-05 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-20 203776]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2011-07-27 14952]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - PCDSRVC{1E208CE0-FB7451FF-06020200}_0
.
Contenu du dossier 'Tâches planifiées'
.
2012-12-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 11:49]
.
2012-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 01:25]
.
2012-12-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 01:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-23 10920552]
"RunDLLEntry_THXCfg"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"RunDLLEntry_EptMon"="c:\windows\system32\EptMon64.dll" [2009-10-15 21504]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152]
"LogiScrollApp"="c:\program files\Logitech\ScrollApp\KhalScroll.exe" [2011-09-16 50456]
"VX3000"="c:\windows\vVX3000.exe" [2010-05-20 762736]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = [You must be registered and logged in to see this link.]
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-24 12:22; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run- - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-12-08 14:56:45
ComboFix-quarantined-files.txt 2012-12-08 19:56
ComboFix2.txt 2012-12-07 11:02
.
Avant-CF: 830 660 419 584 bytes free
Après-CF: 830 352 576 512 bytes free
.
- - End Of File - - F54251E19B816718BD3D7FDE831FEC3B

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Sun 09 Dec 2012, 7:24 am

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.9.9 (12.08.2012:3)
OS: Windows 7 Home Premium x64
Ran by Fred on 2012-12-08 at 15:20:25,42
Blog: [You must be registered and logged in to see this link.]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{7f6afbf1-e065-4627-a2fd-810366367d01}



~~~ Files

Successfully deleted: [File] C:\Users\Fred\appdata\local\{B4DC8AAD-D0EA-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul [Trojan:JS/Medfos.A]



~~~ Folders

Successfully deleted: [Folder] C:\Users\Fred\appdata\local\{B4DC8AAD-D0EA-11E1-8270-B8AC6F996F26} [Trojan:JS/Medfos.A]



~~~ FireFox

Successfully deleted the following from C:\Users\Fred\AppData\Roaming\mozilla\firefox\profiles\uku4ryj6.default\prefs.js

user_pref("CT2851639..clientLogIsEnabled", false);
user_pref("CT2851639..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2851639..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2851639.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2851639.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
user_pref("CT2851639.CTID", "CT2851639");
user_pref("CT2851639.CommunitiesChangesLastCheckTime", "0");
user_pref("CT2851639.CurrentServerDate", "20-7-2012");
user_pref("CT2851639.DSInstall", false);
user_pref("CT2851639.DialogsAlignMode", "LTR");
user_pref("CT2851639.DialogsGetterLastCheckTime", "Thu Jul 19 2012 16:04:38 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.DownloadReferralCookieData", "");
user_pref("CT2851639.EMailNotifierPollDate", "Sat May 05 2012 09:26:10 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.EnableClickToSearchBox", false);
user_pref("CT2851639.EnableSearchHistory", false);
user_pref("CT2851639.EnableSearchSuggest", false);
user_pref("CT2851639.FeedLastCount2548968607390276962", 177);
user_pref("CT2851639.FeedPollDate2429156812186649977", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156813040823546", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156813130095866", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156813224203613", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156813230837251", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156813454291735", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156813729834876", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156813860870021", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156814264681793", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156814863075366", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedPollDate2429156815257761081", "Sat May 05 2012 09:26:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.FeedTTL2429156813040823546", 15);
user_pref("CT2851639.FeedTTL2429156813130095866", 10);
user_pref("CT2851639.FeedTTL2429156813454291735", 5);
user_pref("CT2851639.FeedTTL2429156814264681793", 5);
user_pref("CT2851639.FirstServerDate", "5-5-2012");
user_pref("CT2851639.FirstTime", true);
user_pref("CT2851639.FirstTimeFF3", true);
user_pref("CT2851639.FixPageNotFoundErrors", true);
user_pref("CT2851639.GroupingInvalidateCache", false);
user_pref("CT2851639.GroupingLastCheckTime", "0");
user_pref("CT2851639.GroupingLastServerUpdateTime", "0");
user_pref("CT2851639.GroupingServerCheckInterval", 1440);
user_pref("CT2851639.GroupingServiceUrl", "http://grouping.services.conduit.com/");
user_pref("CT2851639.HPInstall", false);
user_pref("CT2851639.HasUserGlobalKeys", true);
user_pref("CT2851639.HomePageProtectorEnabled", false);
user_pref("CT2851639.HomepageBeforeUnload", "http://www.cinoche.com/concours.html");
user_pref("CT2851639.Initialize", true);
user_pref("CT2851639.InitializeCommonPrefs", true);
user_pref("CT2851639.InstallationAndCookieDataSentCount", 3);
user_pref("CT2851639.InstallationId", "fftDF42.tmp.exe");
user_pref("CT2851639.InstallationType", "XPE");
user_pref("CT2851639.InstalledDate", "Sat May 05 2012 09:26:10 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.InvalidateCache", false);
user_pref("CT2851639.IsAlertDBUpdated", true);
user_pref("CT2851639.IsGrouping", false);
user_pref("CT2851639.IsInitSetupIni", true);
user_pref("CT2851639.IsMulticommunity", false);
user_pref("CT2851639.IsOpenThankYouPage", true);
user_pref("CT2851639.IsOpenUninstallPage", false);
user_pref("CT2851639.LanguagePackLastCheckTime", "Thu Jul 19 2012 12:38:06 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2851639.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
user_pref("CT2851639.LastLogin_3.12.0.8", "Sat May 05 2012 09:26:13 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.LastLogin_3.12.2.3", "Wed May 30 2012 06:06:54 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.LastLogin_3.13.0.6", "Thu Jul 19 2012 12:36:21 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.LastLogin_3.14.1.0", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.LatestVersion", "3.13.0.6");
user_pref("CT2851639.Locale", "fr");
user_pref("CT2851639.MCDetectTooltipHeight", "83");
user_pref("CT2851639.MCDetectTooltipShow", false);
user_pref("CT2851639.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2851639.MCDetectTooltipWidth", "295");
user_pref("CT2851639.MyStuffEnabledAtInstallation", true);
user_pref("CT2851639.OriginalFirstVersion", "3.12.0.8");
user_pref("CT2851639.RadioLastCheckTime", "0");
user_pref("CT2851639.RadioLastUpdateIPServer", "0");
user_pref("CT2851639.RadioLastUpdateServer", "0");
user_pref("CT2851639.RadioShrinked", "shrinked");
user_pref("CT2851639.RadioShrinkedFromSetup", true);
user_pref("CT2851639.SHRINK_TOOLBAR", 0);
user_pref("CT2851639.SearchBackToDefaultEngine", false);
user_pref("CT2851639.SearchBoxWidth", 150);
user_pref("CT2851639.SearchCaption", "uTorrentBar_FR Customized Web Search");
user_pref("CT2851639.SearchEngine", "Logiciel||http://www.softonic.com/s/UCM_SEARCH_TERM?ptn=conduit");
user_pref("CT2851639.SearchEngineBeforeUnload", "Google");
user_pref("CT2851639.SearchFromAddressBarIsInit", true);
user_pref("CT2851639.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&q=");
user_pref("CT2851639.SearchInNewTabEnabled", true);
user_pref("CT2851639.SearchInNewTabIntervalMM", 1440);
user_pref("CT2851639.SearchInNewTabLastCheckTime", "Thu Jul 19 2012 16:04:38 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2851639.SearchInNewTabUserEnabled", false);
user_pref("CT2851639.SearchProtectorEnabled", false);
user_pref("CT2851639.SearchProtectorToolbarDisabled", true);
user_pref("CT2851639.SendProtectorDataViaLogin", true);
user_pref("CT2851639.ServiceMapLastCheckTime", "Thu Jul 19 2012 16:04:38 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.SettingsLastCheckTime", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.SettingsLastUpdate", "1340630740");
user_pref("CT2851639.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13");
user_pref("CT2851639.ThirdPartyComponentsInterval", 504);
user_pref("CT2851639.ThirdPartyComponentsLastCheck", "Sat May 05 2012 09:26:09 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.ThirdPartyComponentsLastUpdate", "1331805999");
user_pref("CT2851639.ToolbarDisabled", true);
user_pref("CT2851639.ToolbarShrinkedFromSetup", true);
user_pref("CT2851639.TrusteLinkUrl", "http://trust.conduit.com/CT2851639");
user_pref("CT2851639.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2851639.UserID", "UN30655527919976290");
user_pref("CT2851639.ValidationData_Search", 1);
user_pref("CT2851639.ValidationData_Toolbar", 1);
user_pref("CT2851639.WeatherNetwork", "");
user_pref("CT2851639.WeatherPollDate", "Sat May 05 2012 09:26:13 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.WeatherUnit", "C");
user_pref("CT2851639.alertChannelId", "1243674");
user_pref("CT2851639.approveUntrustedApps", true);
user_pref("CT2851639.autoDisableScopes", -1);
user_pref("CT2851639.backendstorage.cbcountry_000", "4341");
user_pref("CT2851639.backendstorage.cbfirsttime", "536174204D617920303520323031322030393A32363A313520474D542D3034303020284561737465726E204461796C696768742054696D6529");
user_pref("CT2851639.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
user_pref("CT2851639.componentAlertEnabled", false);
user_pref("CT2851639.components.1000034", false);
user_pref("CT2851639.components.1000234", false);
user_pref("CT2851639.components.129351529701212556", false);
user_pref("CT2851639.components.129351529703087570", false);
user_pref("CT2851639.components.129351529703087571", false);
user_pref("CT2851639.components.129422840102831305", false);
user_pref("CT2851639.components.129544678881551249", false);
user_pref("CT2851639.components.129791404828153723", false);
user_pref("CT2851639.components.2548968607390276962", false);
user_pref("CT2851639.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2851639.globalFirstTimeInfoLastCheckTime", "Sat May 05 2012 09:26:10 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.homepageProtectorEnableByLogin", true);
user_pref("CT2851639.initDone", true);
user_pref("CT2851639.isAppTrackingManagerOn", true);
user_pref("CT2851639.isFirstRadioInstallation", false);
user_pref("CT2851639.isSearchProtectorNotifyChanges", false);
user_pref("CT2851639.myStuffEnabled", true);
user_pref("CT2851639.myStuffPublihserMinWidth", 400);
user_pref("CT2851639.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2851639.myStuffServiceIntervalMM", 1440);
user_pref("CT2851639.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2851639.navigateToUrlOnSearch", false);
user_pref("CT2851639.revertSettingsEnabled", false);
user_pref("CT2851639.searchProtectorDialogDelayInSec", 10);
user_pref("CT2851639.searchProtectorEnableByLogin", true);
user_pref("CT2851639.testingCtid", "");
user_pref("CT2851639.toolbarAppMetaDataLastCheckTime", "Thu Jul 19 2012 16:04:38 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.toolbarContextMenuLastCheckTime", "Sat May 05 2012 09:26:13 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2851639.usageEnabled", false);
user_pref("CT2851639.usagesFlag", 2);
user_pref("CT3101810.1000082.isDisplayHidden", "true");
user_pref("CT3101810.1000082.isPlayDisplay", "true");
user_pref("CT3101810.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"http://feedlive.net/california.asx\"}");
user_pref("CT3101810.1000234.TWC_TMP_city", "MONTREAL");
user_pref("CT3101810.1000234.TWC_TMP_country", "CA");
user_pref("CT3101810.1000234.TWC_locId", "CAXX0301");
user_pref("CT3101810.1000234.TWC_location", "Montreal, Canada");
user_pref("CT3101810.1000234.TWC_region", "OT");
user_pref("CT3101810.1000234.TWC_temp_dis", "c");
user_pref("CT3101810.1000234.TWC_wind_dis", "kmh");
user_pref("CT3101810.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"-8°C\",\"temperatureClear\":\"-8°C\",\"highTemperature\":\"-8°C\",\"lowTemperature\":\"-4
user_pref("CT3101810.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3101810.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3101810.FirstTime", "true");
user_pref("CT3101810.FirstTimeFF3", "true");
user_pref("CT3101810.LoginRevertSettingsEnabled", false);
user_pref("CT3101810.RevertSettingsEnabled", false);
user_pref("CT3101810.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3101810&SearchSource=2&q=");
user_pref("CT3101810.UserID", "UN65914547747169693");
user_pref("CT3101810.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3101810.autoDisableScopes", -1);
user_pref("CT3101810.browser.search.defaultthis.engineName", true);
user_pref("CT3101810.defaultSearch", "true");
user_pref("CT3101810.embeddedsData", "[{\"appId\":\"129610751169335742\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT3101810.enableAlerts", "false");
user_pref("CT3101810.enableSearchFromAddressBar", "true");
user_pref("CT3101810.firstTimeDialogOpened", "true");
user_pref("CT3101810.fixPageNotFoundError", "true");
user_pref("CT3101810.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3101810.fixUrls", true);
user_pref("CT3101810.installId", "ConduitNSISIntegration");
user_pref("CT3101810.installType", "ConduitNSISIntegration");
user_pref("CT3101810.isCheckedStartAsHidden", true);
user_pref("CT3101810.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3101810.isFirstTimeToolbarLoading", "false");
user_pref("CT3101810.isNewTabEnabled", false);
user_pref("CT3101810.isPerformedSmartBarTransition", "true");
user_pref("CT3101810.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3101810.keyword", true);
user_pref("CT3101810.migrateAppsAndComponents", true);
user_pref("CT3101810.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fwww.GeekPolice.net%2Ft3821-read-this-before-posting\",\"EB_MAIN_FRA
user_pref("CT3101810.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3101810.openThankYouPage", "false");
user_pref("CT3101810.openUninstallPage", "true");
user_pref("CT3101810.search.searchAppId", "129610751169335742");
user_pref("CT3101810.search.searchCount", "0");
user_pref("CT3101810.searchInNewTabEnabled", "false");
user_pref("CT3101810.searchInNewTabEnabledInHidden", "true");
user_pref("CT3101810.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3101810.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3101810.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3101810.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3101810\"}");
user_pref("CT3101810.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://Somoto.OurToolbar.com//xpi\"}");
user_pref("CT3101810.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Somoto\"}");
user_pref("CT3101810.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3101810.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"1\"}");
user_pref("CT3101810.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1346709838755");
user_pref("CT3101810.serviceLayer_services_appsMetadata_lastUpdate", "1346709838723");
user_pref("CT3101810.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1346709839050");
user_pref("CT3101810.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352322634292");
user_pref("CT3101810.serviceLayer_services_login_10.13.40.15_lastUpdate", "1354853193892");
user_pref("CT3101810.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1346709839656");
user_pref("CT3101810.serviceLayer_services_searchAPI_lastUpdate", "1346709836849");
user_pref("CT3101810.serviceLayer_services_serviceMap_lastUpdate", "1354853193558");
user_pref("CT3101810.serviceLayer_services_toolbarContextMenu_lastUpdate", "1346709839331");
user_pref("CT3101810.serviceLayer_services_toolbarSettings_lastUpdate", "1354853193630");
user_pref("CT3101810.serviceLayer_services_translation_lastUpdate", "1354853193683");
user_pref("CT3101810.settingsINI", true);
user_pref("CT3101810.shouldFirstTimeDialog", "false");
user_pref("CT3101810.smartbar.CTID", "CT3101810");
user_pref("CT3101810.smartbar.Uninstall", "0");
user_pref("CT3101810.smartbar.homepage", true);
user_pref("CT3101810.smartbar.isHidden", true);
user_pref("CT3101810.smartbar.toolbarName", "Somoto ");
user_pref("CT3101810.startPage", "userChanged");
user_pref("CT3101810.toolbarBornServerTime", "4-9-2012");
user_pref("CT3101810.toolbarCurrentServerTime", "7-12-2012");
user_pref("CT3101810.upgradeFromClearSBVersion", true);
user_pref("CT3101810_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1354853073072,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("CT3184201..clientLogIsEnabled", true);
user_pref("CT3184201..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT3184201..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT3184201.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT3184201.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
user_pref("CT3184201.BrowserCompStateIsOpen_129724205037270565", true);
user_pref("CT3184201.BrowserCompStateIsOpen_129724205037426813", true);
user_pref("CT3184201.BrowserCompStateIsOpen_1330956386000", true);
user_pref("CT3184201.BrowserCompStateIsOpen_6565815752657123216", true);
user_pref("CT3184201.CTID", "CT3184201");
user_pref("CT3184201.CurrentServerDate", "20-7-2012");
user_pref("CT3184201.DSInstall", true);
user_pref("CT3184201.DialogsAlignMode", "LTR");
user_pref("CT3184201.DialogsGetterLastCheckTime", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.DownloadReferralCookieData", "");
user_pref("CT3184201.EMailNotifierPollDate", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.EnableClickToSearchBox", false);
user_pref("CT3184201.EnableSearchHistory", false);
user_pref("CT3184201.EnableSearchSuggest", false);
user_pref("CT3184201.ExternalComponentPollDate5342832749374672449", "Fri Jul 20 2012 07:48:54 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedLastCount129724205037739308", 217);
user_pref("CT3184201.FeedPollDate129237173390688207", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedPollDate129237173390688210", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedPollDate129238703378572556", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedPollDate129238703378572557", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedPollDate129238703378572558", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedPollDate129238703378572559", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedPollDate129238703378572560", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedPollDate129238824209885828", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedPollDate129238824209885829", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedPollDate129238824209885830", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.FeedTTL129237173390688207", 40);
user_pref("CT3184201.FeedTTL129237173390688210", 40);
user_pref("CT3184201.FeedTTL129238703378572556", 40);
user_pref("CT3184201.FeedTTL129238703378572557", 40);
user_pref("CT3184201.FeedTTL129238703378572558", 40);
user_pref("CT3184201.FeedTTL129238703378572559", 40);
user_pref("CT3184201.FeedTTL129238703378572560", 40);
user_pref("CT3184201.FeedTTL129238824209885828", 40);
user_pref("CT3184201.FeedTTL129238824209885829", 40);
user_pref("CT3184201.FeedTTL129238824209885830", 40);
user_pref("CT3184201.FirstServerDate", "20-7-2012");
user_pref("CT3184201.FirstTime", true);
user_pref("CT3184201.FirstTimeFF3", true);
user_pref("CT3184201.FirstTimeHiddenVer", true);
user_pref("CT3184201.FixPageNotFoundErrors", false);
user_pref("CT3184201.GroupingServerCheckInterval", 1440);
user_pref("CT3184201.GroupingServiceUrl", "http://grouping.services.conduit.com/");
user_pref("CT3184201.HPInstall", true);
user_pref("CT3184201.HasUserGlobalKeys", true);
user_pref("CT3184201.HomePageProtectorEnabled", false);
user_pref("CT3184201.HomepageBeforeUnload", "http://search.conduit.com/?ctid=CT3184201&SearchSource=13");
user_pref("CT3184201.Initialize", true);
user_pref("CT3184201.InitializeCommonPrefs", true);
user_pref("CT3184201.InstallationAndCookieDataSentCount", 2);
user_pref("CT3184201.InstallationId", "ConduitNSISIntegration");
user_pref("CT3184201.InstallationType", "ConduitNSISIntegration");
user_pref("CT3184201.InstalledDate", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.InvalidateCache", false);
user_pref("CT3184201.IsAlertDBUpdated", true);
user_pref("CT3184201.IsGrouping", false);
user_pref("CT3184201.IsInitSetupIni", true);
user_pref("CT3184201.IsMulticommunity", false);
user_pref("CT3184201.IsOpenThankYouPage", false);
user_pref("CT3184201.IsOpenUninstallPage", false);
user_pref("CT3184201.IsProtectorsInit", true);
user_pref("CT3184201.LanguagePackLastCheckTime", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.LanguagePackReloadIntervalMM", 1440);
user_pref("CT3184201.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
user_pref("CT3184201.LastLogin_3.14.1.0", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.LatestVersion", "3.14.1.0");
user_pref("CT3184201.Locale", "en");
user_pref("CT3184201.MCDetectTooltipHeight", "83");
user_pref("CT3184201.MCDetectTooltipShow", false);
user_pref("CT3184201.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT3184201.MCDetectTooltipWidth", "295");
user_pref("CT3184201.MyStuffEnabledAtInstallation", true);
user_pref("CT3184201.OriginalFirstVersion", "3.14.1.0");
user_pref("CT3184201.RadioIsPodcast", false);
user_pref("CT3184201.RadioLastCheckTime", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.RadioLastUpdateIPServer", "3");
user_pref("CT3184201.RadioLastUpdateServer", "3");
user_pref("CT3184201.RadioMediaID", "9962");
user_pref("CT3184201.RadioMediaType", "Media Player");
user_pref("CT3184201.RadioMenuSelectedID", "EBRadioMenu_CT31842019962");
user_pref("CT3184201.RadioShrinkedFromSetup", false);
user_pref("CT3184201.RadioStationName", "California%20Rock");
user_pref("CT3184201.RadioStationURL", "http://feedlive.net/california.asx");
user_pref("CT3184201.SHRINK_TOOLBAR", 1);
user_pref("CT3184201.SavedHomepage", "http://www.cinoche.com/concours.html");
user_pref("CT3184201.SearchBackToDefaultEngine", false);
user_pref("CT3184201.SearchCaption", "midicairus Customized Web Search");
user_pref("CT3184201.SearchEngineBeforeUnload", "midicairus Customized Web Search");
user_pref("CT3184201.SearchFromAddressBarIsInit", true);
user_pref("CT3184201.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3184201&SearchSource=2&q=");
user_pref("CT3184201.SearchInNewTabEnabled", true);
user_pref("CT3184201.SearchInNewTabIntervalMM", 1440);
user_pref("CT3184201.SearchInNewTabLastCheckTime", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT3184201.SearchInNewTabUserEnabled", false);
user_pref("CT3184201.SearchProtectorEnabled", true);
user_pref("CT3184201.SearchProtectorToolbarDisabled", true);
user_pref("CT3184201.SendProtectorDataViaLogin", true);
user_pref("CT3184201.ServiceMapLastCheckTime", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.SettingsLastCheckTime", "Fri Jul 20 2012 07:47:16 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.SettingsLastUpdate", "1342354837");
user_pref("CT3184201.TBHomePageUrl", "http://search.conduit.com/?ctid=CT3184201&SearchSource=13");
user_pref("CT3184201.ThirdPartyComponentsInterval", 504);
user_pref("CT3184201.ThirdPartyComponentsLastCheck", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT3184201.ToolbarDisabled", true);
user_pref("CT3184201.ToolbarShrinkedFromSetup", false);
user_pref("CT3184201.TrusteLinkUrl", "http://trust.conduit.com/CT3184201");
user_pref("CT3184201.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT3184201.UserID", "UN33790472046470343");
user_pref("CT3184201.WeatherNetwork", "");
user_pref("CT3184201.WeatherPollDate", "Fri Jul 20 2012 07:47:18 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.WeatherUnit", "C");
user_pref("CT3184201.alertChannelId", "1594758");
user_pref("CT3184201.approveUntrustedApps", false);
user_pref("CT3184201.autoDisableScopes", -1);
user_pref("CT3184201.backendstorage.c2p_iframe_md5", "6537663536626130396366633837326231393531333264383732343030346463");
user_pref("CT3184201.backendstorage.cbcountry_001", "4341");
user_pref("CT3184201.backendstorage.cbfirsttime", "546875204A756C20313920323031322032313A35333A313720474D542D3034303020284561737465726E204461796C696768742054696D6529");
user_pref("CT3184201.backendstorage.installationdate14cd7187-6ab1-4fa7-a5ac-ddfa5773148a", "31333432373834383532373039");
user_pref("CT3184201.backendstorage.shoppingapp.gk.exipres", "547565204A756C20323420323031322032313A35333A313520474D542D3034303020284561737465726E204461796C696768742054696D652
user_pref("CT3184201.backendstorage.shoppingapp.gk.geolocation", "63616E616461");
user_pref("CT3184201.backendstorage.toolbarappheartbeat", "7B2231346364373138372D366162312D346661372D613561632D646466613537373331343861223A313334323738343835323730377D");
user_pref("CT3184201.backendstorage.toolbarnotificationheartbeat", "7B2274797065223A22686561727462656174222C2274696D65223A313334323738353032363138322C2275726C223A22687474703A2
user_pref("CT3184201.backendstorage.toolbarnotificationqueue", "5B7B22617070223A2231346364373138372D366162312D346661372D613561632D64646661353737333134386130222C2261726773223A7
user_pref("CT3184201.backendstorage.toolbarnotificationsettings", "7B2273656E644E6F74696669636174696F6E73223A7B22616C6C223A747275652C2261707073223A7B2231346364373138372D366162
user_pref("CT3184201.backendstorage.toolbarnotificationuserid", "34313434313238373037");
user_pref("CT3184201.components.1000034", false);
user_pref("CT3184201.components.1000080", false);
user_pref("CT3184201.components.1000082", false);
user_pref("CT3184201.components.1000234", false);
user_pref("CT3184201.components.129724205034145620", false);
user_pref("CT3184201.components.129724205036020587", false);
user_pref("CT3184201.components.129724205037114317", false);
user_pref("CT3184201.components.129724205037270565", false);
user_pref("CT3184201.components.129724205037426813", false);
user_pref("CT3184201.components.129724205037739308", false);
user_pref("CT3184201.components.129724205038051804", false);
user_pref("CT3184201.components.129724205038520546", false);
user_pref("CT3184201.components.129724205039301782", false);
user_pref("CT3184201.components.129724205040551760", false);
user_pref("CT3184201.components.129822632744715898", false);
user_pref("CT3184201.components.1330956386000", false);
user_pref("CT3184201.components.1958179879799928720", false);
user_pref("CT3184201.components.4950963945127914423", false);
user_pref("CT3184201.components.5342832749374672449", false);
user_pref("CT3184201.components.6565815752657123216", false);
user_pref("CT3184201.components.8446616961328789392", false);
user_pref("CT3184201.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT3184201.globalFirstTimeInfoLastCheckTime", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.homepageProtectorEnableByLogin", true);
user_pref("CT3184201.initDone", true);
user_pref("CT3184201.isAppTrackingManagerOn", true);
user_pref("CT3184201.isFirstRadioInstallation", false);
user_pref("CT3184201.isSearchProtectorNotifyChanges", false);
user_pref("CT3184201.myStuffEnabled", true);
user_pref("CT3184201.myStuffPublihserMinWidth", 400);
user_pref("CT3184201.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT3184201.myStuffServiceIntervalMM", 1440);
user_pref("CT3184201.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT3184201.navigateToUrlOnSearch", false);
user_pref("CT3184201.revertSettingsEnabled", false);
user_pref("CT3184201.searchProtectorDialogDelayInSec", 10);
user_pref("CT3184201.searchProtectorEnableByLogin", true);
user_pref("CT3184201.testingCtid", "");
user_pref("CT3184201.toolbarAppMetaDataLastCheckTime", "Thu Jul 19 2012 21:53:13 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.toolbarContextMenuLastCheckTime", "Thu Jul 19 2012 21:53:14 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3184201.usageEnabled", false);
user_pref("CT3184201.usagesFlag", 2);
user_pref("CT3198785.1000082.isPlayDisplay", "true");
user_pref("CT3198785.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"http://feedlive.net/california.asx\"}");
user_pref("CT3198785.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3198785.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3198785.FirstTime", "true");
user_pref("CT3198785.FirstTimeFF3", "true");
user_pref("CT3198785.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3198785&SearchSource=2&q=");
user_pref("CT3198785.UserID", "UN40969759615022470");
user_pref("CT3198785.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3198785.autoDisableScopes", -1);
user_pref("CT3198785.browser.search.defaultthis.engineName", true);
user_pref("CT3198785.cbcountry_001", "CA");
user_pref("CT3198785.cbfirsttime", "Fri Jul 20 2012 08:37:26 GMT-0400 (Eastern Daylight Time)");
user_pref("CT3198785.defaultSearch", "true");
user_pref("CT3198785.embeddedsData", "[{\"appId\":\"129761883813986480\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT3198785.enableAlerts", "always");
user_pref("CT3198785.enableSearchFromAddressBar", "true");
user_pref("CT3198785.firstTimeDialogOpened", "true");
user_pref("CT3198785.first_time_search", "1");
user_pref("CT3198785.fixPageNotFoundError", "true");
user_pref("CT3198785.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3198785.fixUrls", true);
user_pref("CT3198785.installId", "ConduitNSISIntegration");
user_pref("CT3198785.installType", "ConduitNSISIntegration");
user_pref("CT3198785.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3198785.isNewTabEnabled", true);
user_pref("CT3198785.isPerformedSmartBarTransition", "true");
user_pref("CT3198785.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3198785.keyword", true);
user_pref("CT3198785.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\" Ican’tuninstallthemidicairustoolbar.\",\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":
user_pref("CT3198785.openThankYouPage", "false");
user_pref("CT3198785.openUninstallPage", "true");
user_pref("CT3198785.search.searchAppId", "129761883813986480");
user_pref("CT3198785.search.searchCount", "0");
user_pref("CT3198785.searchInNewTabEnabledInHidden", "true");
user_pref("CT3198785.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3198785.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3198785.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3198785.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3198785\"}");
user_pref("CT3198785.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://WhiteSmokeUSToolbar.OurToolbar.com//xpi\"}");
user_pref("CT3198785.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"WhiteSmoke US\"}");
user_pref("CT3198785.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3198785.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1342787844463");
user_pref("CT3198785.serviceLayer_services_appTracking_lastUpdate", "1342787845443");
user_pref("CT3198785.serviceLayer_services_appsMetadata_lastUpdate", "1342787844425");
user_pref("CT3198785.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1342787844616");
user_pref("CT3198785.serviceLayer_services_login_10.10.20.14_lastUpdate", "1342787845351");
user_pref("CT3198785.serviceLayer_services_optimizer_lastUpdate", "1342787844920");
user_pref("CT3198785.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1342787844638");
user_pref("CT3198785.serviceLayer_services_searchAPI_lastUpdate", "1342787844207");
user_pref("CT3198785.serviceLayer_services_serviceMap_lastUpdate", "1342787844085");
user_pref("CT3198785.serviceLayer_services_toolbarContextMenu_lastUpdate", "1342787844594");
user_pref("CT3198785.serviceLayer_services_toolbarSettings_lastUpdate", "1342787844166");
user_pref("CT3198785.serviceLayer_services_translation_lastUpdate", "1342787844455");
user_pref("CT3198785.settingsINI", true);
user_pref("CT3198785.shouldFirstTimeDialog", "false");
user_pref("CT3198785.smartbar.CTID", "CT3198785");
user_pref("CT3198785.smartbar.Uninstall", "0");
user_pref("CT3198785.smartbar.homepage", true);
user_pref("CT3198785.smartbar.toolbarName", "WhiteSmoke US ");
user_pref("CT3198785.toolbarBornServerTime", "20-7-2012");
user_pref("CT3198785.toolbarCurrentServerTime", "20-7-2012");
user_pref("CT3198785.toolbarDisabled", "true");
user_pref("CT3198785.url_history0001", "http://midicairus.greattoolbars.com/Support/:::clickhandler:::1342788114623,,,http://midicairus.greattoolbars.com/Support/:::clickhandl
user_pref("CommunityToolbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT3184201&SearchSource=13");
user_pref("CommunityToolbar.ConduitSearchList", "midicairus Customized Web Search");
user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2851639/CT2851639", "\"319288524e42bb026cc20c22427af4c82\"");
user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT3184201/CT3184201", "\"8d4b3899529ccbd6fc36c95f0e53c9b92\"");
user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", "\"1334666883\"");
user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT3184201", "\"1327946907\"");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=fr", "kLE3EoupXhh+3ayzzXGurA==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "mfQ70fvlD2zuBxSBj8rQqA==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=fr", "TA2mKqdBHssHhc1ui1OGgQ==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=fr", "gFXxtiZIk+laJblSWSZGhA==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=fr", "hOlcV9OHcX1OR8Faic1Xmg==");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:14f9\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.8", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"04afd94b864cd1:0\"");
user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851639", "\"5a3bfb736bf65ca0cca630a3f0917948\"");
user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT3184201", "\"5a3bfb736bf65ca0cca630a3f0917948\"");
user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"2292e5c1512a30b86b91a7e3313d799f\"");
user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=fr", "\"94c1e4ba7c878bff52f4751fa3eebc28\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/15846407.xml", "\"3d36fae8fd045e032a342a71bd213ecf\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/16190898.xml", "\"0fb5a65e76c56a3f742e048baa755fbe\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/16727535.xml", "\"ab5747e131316fa87e5af657c8fc5144\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/17461978.xml", "\"81a741377008a8d8623cb8ea46983e37\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/18676177.xml", "\"19d7dd0161dd903a41aa448a18747e1e\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/19058681.xml", "\"62b1fc7bf1e0aa64f6529b43b692d509\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/19554706.xml", "\"7858ac99a8fe3bf33c6e19b55463f008\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/21324258.xml", "\"a08cf1ccad4190504d251a84e10fc1d8\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/21879024.xml", "\"2e3b9f6288c5398191863efb7fd20f91\"");
user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/2883841.xml", "\"d87f19d00afba49a29cf1ff074db468a\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Fred\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\uku4ryj6.default\\conduitCommon\\modules\\3.14.1.0");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q=");
user_pref("CommunityToolbar.ToolbarsList", "CT2851639,CT3184201");
user_pref("CommunityToolbar.ToolbarsList2", "CT2851639,CT3184201");
user_pref("CommunityToolbar.ToolbarsList4", "CT2851639,CT3184201");
user_pref("CommunityToolbar.globalUserId", "95b919b6-20de-4ac5-8593-4273f7bebf1c");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.notifications.alertEnabled", false);
user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jul 20 2012 07:47:17 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "95581675-5f71-49e4-91e2-9c60dedba8fd");
user_pref("CommunityToolbar.originalHomepage", "http://www.cinoche.com/concours.html");
user_pref("CommunityToolbar.originalSearchEngine", "Google");
user_pref("CommunityToolbar.twitter.user_15846407.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.twitter.user_16190898.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.twitter.user_17461978.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.twitter.user_18676177.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.twitter.user_21324258.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.twitter.user_21879024.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.twitter.user_2883841.LastCheckTime", "Fri Jul 20 2012 07:47:19 GMT-0400 (Eastern Daylight Time)");
user_pref("Smartbar.ConduitHomepagesList", "");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3101810");
user_pref("browser.search.defaultthis.engineName", "midicairus Customized Web Search");
user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3184201&SearchSource=3&q={searchTerms}");
user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.id", "9651078d000000000000180373df3cec");
user_pref("extensions.BabylonToolbar.instlDay", "15675");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.tlbrId", "irhnew");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=9651078d000000000000180373df3cec&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=110824&tt=4812_8&babsrc=NT_ss&mntrId=9651078d000000000000180373df3cec");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.822:56:01");
user_pref("extensions.Softonic.admin", false);
user_pref("extensions.Softonic.aflt", "SD");
user_pref("extensions.Softonic.autoRvrt", "false");
user_pref("extensions.Softonic.cntry", "CA");
user_pref("extensions.Softonic.cv", "cv5");
user_pref("extensions.Softonic.dfltLng", "fr");
user_pref("extensions.Softonic.dfltSrch", true);
user_pref("extensions.Softonic.dfltlng", "fr");
user_pref("extensions.Softonic.dfltsrch", true);
user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
user_pref("extensions.Softonic.dspOld", "Google");
user_pref("extensions.Softonic.envrmnt", "production");
user_pref("extensions.Softonic.excTlbr", false);
user_pref("extensions.Softonic.hdrMd5", "B5F9D31495CB115494A35C915C62BAE1");
user_pref("extensions.Softonic.hmpg", true);
user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/INF00043/tb_v1?SearchSource=13&cc=");
user_pref("extensions.Softonic.hpNew", "http://search.softonic.com/INF00043/tb_v1?SearchSource=13&cc=");
user_pref("extensions.Softonic.hpOld", "http://www.cyberpresse.ca/");
user_pref("extensions.Softonic.hrdid", "9651078d000000000000180373df3cec");
user_pref("extensions.Softonic.id", "9651078d000000000000180373df3cec");
user_pref("extensions.Softonic.instlDay", "15674");
user_pref("extensions.Softonic.instlRef", "INF00043");
user_pref("extensions.Softonic.instlday", "15674");
user_pref("extensions.Softonic.instlref", "INF00043");
user_pref("extensions.Softonic.isdcmntcmplt", "false");
user_pref("extensions.Softonic.keyWordUrl", "http://search.softonic.com/INF00043/tb_v1?SearchSource=2&cc=&q=");
user_pref("extensions.Softonic.keywordurl", "http://search.softonic.com/INF00043/tb_v1?SearchSource=2&cc=&q=");
user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.47:01:52");
user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
user_pref("extensions.Softonic.newTab", true);
user_pref("extensions.Softonic.newTabUrl", "http://search.softonic.com/INF00043/tb_v1?SearchSource=15&cc=");
user_pref("extensions.Softonic.newtab", true);
user_pref("extensions.Softonic.newtaburl", "http://search.softonic.com/INF00043/tb_v1?SearchSource=15&cc=");
user_pref("extensions.Softonic.prdct", "Softonic");
user_pref("extensions.Softonic.prtnrId", "softonic");
user_pref("extensions.Softonic.prtnrid", "softonic");
user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");
user_pref("extensions.Softonic.savedVrsnTs", "1");
user_pref("extensions.Softonic.sg", "az");
user_pref("extensions.Softonic.smplGrp", "none");
user_pref("extensions.Softonic.smplgrp", "none");
user_pref("extensions.Softonic.srch", "");
user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
user_pref("extensions.Softonic.tlbrSrchUrl", "http://search.softonic.com/INF00043/tb_v1?SearchSource=1&cc=&q=");
user_pref("extensions.Softonic.tlbrid", "BASEirobinhoodActive");
user_pref("extensions.Softonic.tlbrsrchurl", "http://search.softonic.com/INF00043/tb_v1?SearchSource=1&cc=&q=");
user_pref("extensions.Softonic.vrsn", "1.6.7.4");
user_pref("extensions.Softonic.vrsnTs", "1.6.7.47:01:52");
user_pref("extensions.Softonic.vrsni", "1.6.7.4");
user_pref("extensions.Softonic.vrsnts", "1.6.7.47:01:52");
user_pref("extensions.Softonic_i.dnsErr", true);
user_pref("extensions.Softonic_i.hmpg", true);
user_pref("extensions.Softonic_i.newTab", true);
user_pref("extensions.Softonic_i.smplGrp", "none");
user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.47:01:52");
user_pref("extensions.crossrider.bic", "138a43693141886e74013d95829de80c");
user_pref("extensions.defaulttab.active.affiliate", 4501);
user_pref("extensions.defaulttab.active.overridechromesearch", false);
user_pref("extensions.defaulttab.active.overridekeywordsearch", false);
user_pref("extensions.defaulttab.browserID", "dbdfdc186fa2ff33c20f500da7bc6768");
user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\": \"Scenario_1,Scenario_2\", \"set_default_search\": \"Search Here|Search He
user_pref("extensions.defaulttab.firstrun", false);
user_pref("extensions.defaulttab.installedVersion", "1.4");
user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3101810&SearchSource=2&q=");
user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3101810&SearchSource=2&q=");
user_pref("smartbar.originalSearchAddressUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3101810&SearchSource=2&q=");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2012-12-08 at 15:23:20,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Sun 09 Dec 2012, 9:56 pm

To see if the mess is gone, please post new DDS log.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Mon 10 Dec 2012, 12:31 am

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2011-10-04 20:20:37
System Uptime: 2012-12-09 07:56:39 (1 hours ago)
.
Motherboard: Dell Inc. | | 0Y2MRG
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 918 GiB total, 773,493 GiB free.
D: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
L: is Removable
M: is Removable
N: is Removable
O: is FIXED (FAT32) - 49 GiB total, 7,859 GiB free.
P: is FIXED (NTFS) - 883 GiB total, 620,205 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP223: 2012-12-01 17:16:40 - Windows Update
RP224: 2012-12-04 17:51:26 - Windows Update
RP225: 2012-12-06 22:56:19 - Removed Bonjour
RP226: 2012-12-06 22:58:32 - Removed Bonjour
RP227: 2012-12-06 22:59:22 - Removed Apple Application Support
RP228: 2012-12-06 23:00:05 - Removed Apple Mobile Device Support
RP229: 2012-12-06 23:00:24 - Removed Apple Mobile Device Support
RP230: 2012-12-06 23:01:09 - Removed Apple Software Update
RP231: 2012-12-06 23:07:50 - OTL Restore Point - 12/6/2012 11:07:50 PM
RP232: 2012-12-06 23:39:59 - Removed iTunes
RP233: 2012-12-07 23:57:07 - Windows Update
.
==== Installed Programs ======================
.
3DMark06
4Media MP4 to MP3 Converter 6
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4) MUI
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
µTorrent
Burn4Free DVD Burning 6.0.0.0
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Citrix Online Plug-in (DV)
Citrix Online Plug-in (HDX)
Citrix Online Plug-in (Web)
Complément Messenger
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Cozi
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Edoc Viewer
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell Support Center
Dell VideoStage
DirectX 9 Runtime
doubleTwist
DVD-Cloner V9.60 Build 1113
eReg
ffdshow v1.2.4422 [2012-04-09]
Futuremark SystemInfo
Galerie de photos Windows Live
Garmin Lifetime Updater
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Google Earth
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP FWUpdateEDO2
HP Officejet Pro 8600 Basic Device Software
HP Officejet Pro 8600 Help
HP Officejet Pro 8600 Product Improvement Study
HP Update
I.R.I.S. OCR
ImpotExpert 2011
ImpotExpert Updater 2011
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 24 (64-bit)
Java(TM) 6 Update 37
Junk Mail filter update
LG Bluetooth Drivers
LG United Mobile Drivers
Logitech Harmony Remote Software 7
Logitech Scroll App 2.0
Logitech SetPoint 6.30
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware Service FR-FR Language Pack
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Client FR-FR Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 17.0.1 (x86 fr)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML4SP2
Multimedia Card Reader
MyFreeCodec
PhotoShowExpress
RBVirtualFolder64Inst
Realtek High Definition Audio Driver
Remote Control USB Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Samsung AllShare
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Skype Click to Call
Skype™ 5.10
Sonic CinePlayer Decoder Pack
THX TruStudio PC
Unified Remote
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinZip 16.0
WinZip Courier
.
==== Event Viewer Messages From Past Week ========
.
2012-12-09 08:28:58, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
2012-12-09 08:27:37, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
2012-12-08 17:52:02, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000116 (0xfffffa801055e4e0, 0xfffff880045b045c, 0x0000000000000000, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120812-19063-01.
2012-12-08 15:25:58, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1402.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: [You must be registered and logged in to see this link.] Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
2012-12-08 15:25:58, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1402.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: [You must be registered and logged in to see this link.] Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
2012-12-08 15:25:48, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1402.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: [You must be registered and logged in to see this link.] Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
2012-12-08 15:25:48, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.1402.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: [You must be registered and logged in to see this link.] Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 1.6.0_37
Run by Fred at 8:29:56 on 2012-12-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.12270.7128 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
C:\Windows\vVX3000.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Audrey\AppData\Local\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Audrey\AppData\Local\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
C:\Windows\vVX3000.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = [You must be registered and logged in to see this link.]
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: WinZip Courier BHO: {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Logitech Scroll App: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\32-bit\LogiSmooth.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN221AS62B05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
mRun: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{2E9762D9-BC57-4F52-A351-758BF49E89BA} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: Logitech Scroll App: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\LogiSmooth.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [LogiScrollApp] C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
x64-Run: [VX3000] C:\Windows\vVX3000.exe
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck -
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll
FF - plugin: C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\uku4ryj6.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-10-24 12:22; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-9-28 55856]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 203776]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-9-28 13336]
R2 iPodDrv;iPodDrv;C:\Windows\System32\drivers\iPodDrv.sys [2011-7-27 14952]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
R2 SamsungAllShareV2.0;Samsung AllShare PC;C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-3-2 25504]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-9-28 1692480]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-9-28 115216]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-9-28 317440]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-9-28 406056]
R3 LgBttPort;LGE Bluetooth TransPort;C:\Windows\System32\drivers\lgbtpt64.sys [2009-9-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator;C:\Windows\System32\drivers\lgbtbs64.sys [2009-9-29 14848]
R3 LGVMODEM;LGE Virtual Modem;C:\Windows\System32\drivers\lgvmdm64.sys [2009-9-29 17408]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-19 102368]
S3 flashusb;flashusb;C:\Windows\System32\drivers\flashusb.sys [2012-6-17 19968]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-27 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-9-28 158976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-28 19456]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 SimpleSlideShowServer;SimpleSlideShowServer;C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-3-2 27584]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-9-19 203104]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-28 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-28 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-4 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-12-08 21:26:25 -------- d-----w- C:\Users\Fred\AppData\Local\{E86CA27C-D010-4FA0-812D-281F3923AB92}
2012-12-08 20:25:01 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1294642A-22E3-43DC-BB67-87A999B83CC7}\mpengine.dll
2012-12-08 20:20:37 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-08 20:20:23 -------- d-----w- C:\Windows\ERUNT
2012-12-08 20:20:18 -------- d-----w- C:\JRT
2012-12-08 19:51:02 -------- d-----w- C:\ComboFix
2012-12-07 11:11:38 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-07 10:55:11 98816 ----a-w- C:\Windows\sed.exe
2012-12-07 10:55:11 256000 ----a-w- C:\Windows\PEV.exe
2012-12-07 10:55:11 208896 ----a-w- C:\Windows\MBR.exe
2012-12-06 00:49:56 -------- d-----w- C:\Users\Fred\AppData\Local\{522E44C7-52DA-4820-B8F1-404DAC3AE347}
2012-12-05 12:49:45 -------- d-----w- C:\Users\Fred\AppData\Local\{688F0AAB-1D6C-4972-BB23-46376B5AEF20}
2012-12-05 00:49:33 -------- d-----w- C:\Users\Fred\AppData\Local\{9321EE22-236D-435D-9866-F7B17683301B}
2012-12-04 12:49:22 -------- d-----w- C:\Users\Fred\AppData\Local\{1B232E20-B358-4850-A596-7D5116D4143A}
2012-12-04 00:49:10 -------- d-----w- C:\Users\Fred\AppData\Local\{4550AE31-4A34-4559-B46C-7E9668FF5413}
2012-11-29 11:51:14 -------- d-----w- C:\Users\Fred\AppData\Local\{8DCE6C80-586A-4303-B167-2BABCDBFF7C3}
2012-11-28 22:51:51 -------- d-----w- C:\Users\Fred\AppData\Local\{EF03C883-4383-47F7-AA8F-17F8A16E6C8C}
2012-11-28 02:46:08 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A494BC1-08A7-410D-9781-E59E3C32DD41}\gapaengine.dll
2012-11-27 11:28:15 -------- d-----w- C:\Users\Fred\AppData\Local\{69C74528-951F-409D-BBDB-5CC7BE11E136}
2012-11-26 23:28:03 -------- d-----w- C:\Users\Fred\AppData\Local\{5DC5DD9E-6D45-47A4-A782-C09F02305C45}
2012-11-26 11:27:52 -------- d-----w- C:\Users\Fred\AppData\Local\{F798FA9F-A1E1-4CAA-93FC-2059785792E0}
2012-11-25 23:27:40 -------- d-----w- C:\Users\Fred\AppData\Local\{6004F810-2FDE-445F-A986-249472A1A3C5}
2012-11-25 11:27:29 -------- d-----w- C:\Users\Fred\AppData\Local\{A37C8C8E-DEA7-4F4F-AD5C-8241DAB73615}
2012-11-24 10:36:13 -------- d-----w- C:\Users\Fred\AppData\Local\{BD0C3399-E75C-426F-9876-8E4E421BFFD6}
2012-11-23 15:02:49 -------- d-----w- C:\Users\Fred\AppData\Local\{7797536C-7FA8-41E4-9ECD-5A1398771772}
2012-11-23 03:02:37 -------- d-----w- C:\Users\Fred\AppData\Local\{8B312F4D-E195-40B5-8301-90F6C6D4754D}
2012-11-22 15:02:26 -------- d-----w- C:\Users\Fred\AppData\Local\{0434125E-8684-46F7-AA1E-A741E46CA01E}
2012-11-22 03:02:14 -------- d-----w- C:\Users\Fred\AppData\Local\{349E8A81-F39E-46C0-A80A-8AB203F3A59B}
2012-11-21 15:02:03 -------- d-----w- C:\Users\Fred\AppData\Local\{3376DEF1-21DD-497C-8FDA-836C29B67184}
2012-11-21 03:01:51 -------- d-----w- C:\Users\Fred\AppData\Local\{3D6D3F47-269D-4D48-A17C-32C351DB412A}
2012-11-20 15:01:39 -------- d-----w- C:\Users\Fred\AppData\Local\{DE6C860E-C039-4564-8396-A69DE8CC0139}
2012-11-20 03:01:28 -------- d-----w- C:\Users\Fred\AppData\Local\{977C8766-91CF-421E-9256-6F846DB31C16}
2012-11-19 15:01:16 -------- d-----w- C:\Users\Fred\AppData\Local\{067AB4BA-8AAA-4F1A-831D-C4513F73F535}
2012-11-19 03:01:05 -------- d-----w- C:\Users\Fred\AppData\Local\{BBD20644-D616-46B5-ADA8-567768F40B41}
2012-11-18 15:05:07 -------- d-----w- C:\Users\Fred\AppData\Local\{146ACDAB-C24B-4FCD-883B-79490C878E24}
2012-11-18 15:01:17 -------- d-----w- C:\Users\Fred\AppData\Local\{E18A41A4-37BD-495A-95D2-B91DC02AD88D}
2012-11-18 03:01:05 -------- d-----w- C:\Users\Fred\AppData\Local\{86F14206-34B1-477A-A84C-76AC642D179F}
2012-11-16 08:07:22 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-16 08:07:22 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-16 08:07:22 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-16 08:07:22 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-16 08:01:28 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-16 08:01:28 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-16 08:01:27 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-16 08:01:27 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 08:01:27 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-16 08:01:26 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-16 08:01:26 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-16 02:29:29 -------- d-----w- C:\Maison
2012-11-16 02:07:39 -------- d-----w- C:\Users\Fred\AppData\Local\{05A511F5-DC6C-4D9C-8C12-11D77EC41F34}
2012-11-15 11:29:00 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-11-15 11:29:00 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-11-15 11:29:00 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-11-15 11:29:00 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-11-15 02:27:41 -------- d-----w- C:\Users\Fred\AppData\Local\{FB9F0460-550F-4D9C-8C22-8F695C08113A}
2012-11-14 11:57:07 -------- d-----w- C:\Users\Fred\AppData\Local\{10EBFA24-1F71-48A4-81EA-61D7FC646C99}
2012-11-13 23:36:30 -------- d-----w- C:\Users\Fred\AppData\Local\{1CA70FB6-16EC-4854-BDE9-DE2D9E3B5E1A}
2012-11-12 12:58:06 -------- d-----w- C:\Users\Fred\AppData\Local\{D32266FB-3DBA-4D96-859A-BE5E484F4FF1}
2012-11-11 15:24:20 -------- d-----w- C:\Users\Fred\AppData\Local\{A1E8378F-DE93-4216-A5C8-F1DC0F349328}
2012-11-10 12:52:27 -------- d-----w- C:\Users\Fred\AppData\Local\{5F69EE92-FCF8-47B0-9FEA-3C6EE0525420}
2012-11-10 00:52:16 -------- d-----w- C:\Users\Fred\AppData\Local\{D272D964-7579-48B2-A7A9-3DD53EFF2FFE}
.
==================== Find3M ====================
.
2012-11-16 11:49:19 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-16 11:49:19 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-24 19:32:24 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-09-24 19:32:20 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-19 14:02:08 102368 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2012-09-19 14:02:06 203104 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 8:30:09,41 ===============

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Mon 10 Dec 2012, 7:46 pm

Alrighty....please remove the following from the program list: Java(TM) 6 Update 24 (64-bit)

Next:

ESET Online Scan

Please run a free online scan with the ESET Online Scanner

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so an install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
  • 1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
  • 2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.



Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death


Note: Absence of issues does not mean that you're protected in the future.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Mon 10 Dec 2012, 11:12 pm

I'm running ESET, but yes I have blue screen sometimes. It says a problem from my video card or something like that. Well the next time I'll check the exact error messages and post it.
Thanks

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Tue 11 Dec 2012, 5:56 am

Okay let me know results from ESET and the blue screen:



[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Tue 11 Dec 2012, 10:09 am

Nothing found on ESET and no blue screen for now.
Thanks a lot

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Tue 11 Dec 2012, 8:04 pm

Awesome. You're welcome! (Thanks for contribution)

It all appears to be good, so we will finish up to make sure your computer is protected from malware in the future.

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done


Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:

  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note:If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

NOTE: If you already have this installed, you don't have to reinstall it.

Please download CCleaner Slim and save it to your Desktop - Alternate download link

When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
Follow the prompts to install the program.

  • Double-click the CCleaner shortcut on the desktop to start the program.
  • A prompt will ask you if you want CCleaner to do a check to see what cookies it needs to keep. Allow that operation.
  • On the Cleaner tab, click on Run Cleaner on the bottom-right to run the program.
  • Important: Make sure that ALL browser windows are closed before selecting Run Cleaner, or it will ask if you want the program to close them for you (when you do this, all unsaved data may be lost in the browser).


Caution: Only use the Registry feature if you are very familiar with the registry.
Always back up your registry before making any changes. Exit CCleaner after it has completed it's process.

Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Thu 13 Dec 2012, 11:54 am

Thats my blue screen problem details

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.768.3
Locale ID: 3084

Additional information about the problem:
BCCode: 116
BCP1: FFFFFA8010D484E0
BCP2: FFFFF8800433445C
BCP3: 0000000000000000
BCP4: 0000000000000002
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\121212-23134-01.dmp
C:\Users\Fred\AppData\Local\Temp\WER-47424-0.sysdata.xml

Read our privacy statement online:
[You must be registered and logged in to see this link.]

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Fri 14 Dec 2012, 2:39 am

Please upload this dump file so I can analyze closer... C:\Windows\Minidump\121212-23134-01.dmp


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Fri 14 Dec 2012, 8:46 am

Well, I know I look stupid, but can't I open it. No program on my pc can open it right now. On the net, they ask me to install something that I don't know, so what do I do?

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Sat 15 Dec 2012, 4:41 am

I just need the physical file uploaded...

Upload to SpeedyShare.com.
  • When you enter the site, click the center bar, "Click here to upload[...]", find the file "C:\Windows\Minidump\121212-23134-01.dmp". Select that, and upload it.
  • Once you do that, you will get a sharing link. Please post that in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by fbriss on Sat 15 Dec 2012, 10:17 am

[You must be registered and logged in to see this link.]

fbriss

Rookie Surfer
Rookie Surfer

Posts : 52
Joined : 2008-12-01
Operating System : XP

View user profile

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by DragonMaster Jay on Mon 17 Dec 2012, 6:05 am

C:\Windows\Minidump\121212-23134-01.dmp

I need the one from 12/12/12 please as you can see in bold that I highlighted...


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Pop up probem/slow internet and/or computer thanks for your help

Post by Sponsored content Today at 6:13 am


Sponsored content


Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum