1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

pc running slow as day is long

Discussion in 'Windows - Virus and spyware problems' started by neptune, Nov 28, 2013.

  1. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26
    thx for any help on this

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:20:33 PM, on 9/7/2013
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16912)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\explorer.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=Snap...db-9a6be5d03141&searchtype=ds&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=Snap...db-9a6be5d03141&searchtype=ds&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;192.168.*.*;*.local;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (file missing)
    O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
    O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll
    O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: Adblock Pro - {F385C231-605B-4d8f-ACA9-DBFF765BBE17} - C:\Program Files\Adblock Pro\AdblockPro.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
    O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
    O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_52823F1ADEA898CCF34EADB85491D215] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
    O4 - HKUS\S-1-5-21-3401892445-2355830655-492447471-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-3401892445-2355830655-492447471-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files\Adblock Pro\blockimg.html
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll
    O9 - Extra 'Tools' menuitem: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
    O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: SProtection - Iminent - C:\Program Files\Common Files\Umbrella\umbrella.exe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
    O23 - Service: WajamUpdater - Wajam - C:\Program Files\Wajam\Updater\WajamUpdater.exe

    --
    End of file - 10273 bytes
     
  2. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,153
    Likes Received:
    134
    Trophy Points:
    143
    turn off or uninstall your toobars like bing, Conduit Engine, snap.do. spybot or antimalwarebytes pick up wajam so might want to get rid of that & same with conduit as i always uninstall that 1.
     
  3. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Hi Neptune,

    Looks like you have some infection that usually comes bundled with junkware.
    You could disable some of it but it’s better to remove it.

    These three removal programs do a very good job of removing this kind of infection and after running them we can check if anything is left over.


    --AdwCleaner--

    Please download AdwCleaner by Xplode to your Desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete tab follow the prompts.
    • A log file will automatically open after the scan has finished.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).



    [​IMG] —Junkware Removal Tool--

    Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete, depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    • Please post the contents of JRT.txt into your reply.




    --RogueKiller--

    • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator to start"
    • For Windows XP, double-click to start.
    • Wait until pre-scan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+


    Please paste the logs in your next reply.
    Let me know what problem persists.



    2oG
     
  4. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.8 (11.05.2013:1)
    OS: Windows 7 Ultimate x86
    Ran by kiss161 on Thu 11/28/2013 at 20:49:38.31
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Successfully stopped: [Service] fastfreeconverterupdt
    Successfully deleted: [Service] fastfreeconverterupdt
    Successfully stopped: [Service] sprotection
    Successfully deleted: [Service] sprotection
    Successfully stopped: [Service] wajamupdater
    Successfully deleted: [Service] wajamupdater



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3401892445-2355830655-492447471-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bonanzadealslive.exe
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\iehelperv2.5.0.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\iminent.webbooster.internetexplorer.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\priam_bho.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\toolbar.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{25DA73D2-CBE0-43A5-8BFA-F757F5E69864}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bonanzadeals
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bonanzadealslive
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarbackup
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarlog
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wecarereminder
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitengine
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\utorrentbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadeals
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadealslive
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitengine
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installiq
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\umbrella
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealslive.oneclickctrl.9
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealslive.oneclickprocesslaunchermachine
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealslive.oneclickprocesslaunchermachine.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealslive.update3webcontrol.3
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.cocreateasync
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.cocreateasync.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.coreclass
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.coreclass.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.coremachineclass
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.coremachineclass.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.credentialdialogmachine
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.credentialdialogmachine.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclassmachine
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclassmachine.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclassmachinefallback
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclassmachinefallback.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclasssvc
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.ondemandcomclasssvc.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.processlauncher
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.processlauncher.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3comclassservice
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3comclassservice.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3webmachine
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3webmachine.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3webmachinefallback
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3webmachinefallback.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3websvc
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bonanzadealsliveupdate.update3websvc.1.0
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iehelperv250.wecarereminder
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iehelperv250.wecarereminder.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bandobjectattribute
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bho
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.dockingpanel
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbar
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbarbandobject
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbardisplaystate
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbarmenuform
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ilividiehelper.dnsguard
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ilividiehelper.dnsguard.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.downloadargs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.linktopromoteargs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.rawdataargs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.tinyurlargs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.virallinkargs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.clientcallback
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.contractbase
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.addtousercontentcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.checkloginstatuscommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.cleancachecommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.gameovercallback
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getcreditcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getinstallationcontextcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getloginstatuscommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getloginstatusresult
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getvariablecommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getvariableresult
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.installationcontextresult
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loadcontentcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loadcontentcommandresult
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.logincommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loginstatuschangedcallback
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.logoutcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.mergeidentitycommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.myaccountcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.playcontentcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.postcontentcallback
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.recycleviewscommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.setvariablecommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showbrowserwindowcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showcontrolcentercommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showpluginwindowcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.testcontentcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.usercontentchangedcallback
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.variablechangedcallback
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.warmupcommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.welcomecommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.servercommand
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.serverresult
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.lightcontent
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.lighturi
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.mediatorserviceproxy
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.activecontenthandle.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.activecontenthandler
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.browserhelperobject
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.browserhelperobject.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.scriptextender
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.scriptextender.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.tinyurlhandler
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.tinyurlhandler.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobject
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobject.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobject
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobject.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\snapdo_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\snapdo_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bonanza deals
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitengine
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\infoatoms
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wajam
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{118d6ce9-5f18-42f9-958a-14676a629fde}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{e55e7026-ef2a-4a17-aaa7-db98ea3fd1b1}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_vdownloader_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_vdownloader_RASMANCS
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}



    ~~~ Files

    Successfully deleted: [File] C:\Windows\System32\Tasks\bonanzadealsliveupdatetaskmachinecore
    Successfully deleted: [File] C:\Windows\System32\Tasks\bonanzadealsliveupdatetaskmachineua
    Successfully deleted: [File] C:\Windows\System32\Tasks\bonanzadealsupdate
    Successfully deleted: [File] C:\Windows\System32\Tasks\launchapp
    Successfully deleted: [File] C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
    Successfully deleted: [File] C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
    Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll"
    Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll"
    Successfully deleted: [File] "C:\Windows\system32\conduitengine.tmp"
    Successfully deleted: [File] "C:\end"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\bonanzadealslive"
    Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
    Successfully deleted: [Folder] "C:\ProgramData\iminent"
    Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"
    Successfully deleted: [Folder] "C:\ProgramData\wincert"
    Successfully deleted: [Folder] "C:\Users\kiss161\AppData\Roaming\cleanmypc software"
    Successfully deleted: [Folder] "C:\Users\kiss161\AppData\Roaming\iminent"
    Successfully deleted: [Folder] "C:\Users\kiss161\AppData\Roaming\onetab"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\local\bonanzadealslive"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\local\conduit"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\local\cre"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\local\download beast"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\local\getsav-in"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\local\smartbar"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\local\wajam"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\locallow\babylontoolbar"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\locallow\conduit"
    Failed to delete: [Folder] "C:\Users\kiss161\appdata\locallow\conduitengine"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\locallow\fast free converter"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\locallow\toolbar4"
    Successfully deleted: [Folder] "C:\Users\kiss161\appdata\locallow\utorrentbar"
    Successfully deleted: [Folder] "C:\Program Files\bonanzadeals"
    Successfully deleted: [Folder] "C:\Program Files\bonanzadealslive"
    Successfully deleted: [Folder] "C:\Program Files\conduit"
    Successfully deleted: [Folder] "C:\Program Files\conduitengine"
    Successfully deleted: [Folder] "C:\Program Files\coupons"
    Successfully deleted: [Folder] "C:\Program Files\download beast"
    Successfully deleted: [Folder] "C:\Program Files\epicplay"
    Successfully deleted: [Folder] "C:\Program Files\fast free converter"
    Successfully deleted: [Folder] "C:\Program Files\file type helper"
    Successfully deleted: [Folder] "C:\Program Files\iminent"
    Successfully deleted: [Folder] "C:\Program Files\infoatoms"
    Successfully deleted: [Folder] "C:\Program Files\mypc backup"
    Successfully deleted: [Folder] "C:\Program Files\w3i, llc"
    Successfully deleted: [Folder] "C:\Program Files\wajam"
    Successfully deleted: [Folder] "C:\Program Files\Common Files\umbrella"
    Successfully deleted: [Folder] "C:\Users\kiss161\AppData\Roaming\microsoft\windows\start menu\programs\bonanzadeals"
    Successfully deleted: [Folder] "C:\Users\kiss161\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{00A58BF9-0902-4B23-84B5-0905F3955781}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{03E30ABB-1138-4302-A105-2784DA16EAC4}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{044BF28A-D351-4DD5-B50B-5DAF6EA289B4}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{0469ECD7-480A-4528-8A02-D94EAA2219AD}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{06B51E98-0DA5-484A-989D-C972D742B81C}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{07BBB78A-82EB-4AA5-8B80-505178EA6EC3}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{08A06043-4031-4ACF-B237-469CA080B186}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{098071D0-A7AC-41A5-ABB8-DDBEBD7F66D8}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{0B59E9F1-5BC1-4938-A362-E0EE74A251E1}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{0BE72E9E-9C0C-447D-8B8F-17CE9372A371}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{0C20C6E7-529B-45DE-9DCE-1D513DF57CBA}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{0E0796B3-4592-44CE-9CB2-7927F59A1A92}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{0EDC1336-DB49-4132-AF96-F1B2DA859551}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{1109A1C9-D331-441F-8E30-E6AAFDC81E1A}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{114347B3-E63F-4389-8EEC-776E1CB386DA}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{12D34301-5B5C-42D2-8990-12B8B775632B}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{130F55C5-8530-4920-9EEF-204355AE14B4}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{1C9F53B8-3B52-41E3-B644-63E6AC903D71}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{1E832D32-6510-48CE-A640-8F1189A5ED68}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{1E86946B-DEFF-44A0-BDCC-FFE04BB0E3CA}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{1F69B3A2-DCFA-46BE-BF58-E7F5CE9EF8E5}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{20EC6EBB-CD50-4284-9F9A-928CF487F8A1}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{21393229-216D-4BA1-A976-6F1C0016AF8B}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{21514CB1-D223-44C7-862C-CB1A264AC5C8}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{21DF8821-341A-4E36-841F-86F450F56ACC}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{2580BADF-1B26-4AB3-A420-4ACDE62BB424}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{26FC9E38-972F-474D-9FB2-676A89473CBA}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{27483C12-45D0-4528-9162-8DD5521E1D05}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{28A2F602-BFA5-450F-9D8B-EAE2CB535B99}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{29837696-054F-46DE-B078-B6BE494871FD}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{2AC91096-FBD9-4B09-948E-688272807B23}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{2EA1200D-EE46-4B7D-BFE6-370A88AAD815}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{2FFA6478-2EFE-4D49-85D0-13052C396B96}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{308BFD7F-FFBB-4F34-9FC4-FE4763511FD1}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{328F80F4-3645-4A88-A613-3C5F9C839430}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{38350617-AC4E-43A1-8C8A-99AAA1F96B62}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{398859CD-2E60-4074-86AF-A9CDDBE586EE}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{3A512E83-F9A6-4A1F-841E-E16A53A19E86}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{3BBCACE3-5A1D-4B13-A20C-D324DBA8FCBA}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{3CEE1855-0A2C-45F6-8DD4-14B5EC9DC8C2}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{3F13009E-4D62-4D62-8DDC-03078B8FC8F9}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{3FE6FAD1-E3D7-4364-92D4-4A86DFCA06EE}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{42FE8678-8D4A-4911-B0A0-5609740FC189}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{43731AA6-39FA-4131-B764-5DB639ADCEBC}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{48F37962-F816-4542-8EE8-F45AB4CCC7BD}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{4A7BD45A-085F-4F9E-BEB5-4E6A7DF8B2DF}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{4D1818EC-3BEF-48C7-A558-64A6CE05287D}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{4D89DBB4-5853-4E28-8BEA-01307E26CA34}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{4E2A59A0-1C59-47AF-A728-02E86B180823}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{4F72855E-5CE9-4315-A706-E9AC485EEAC1}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{558DE5D3-90F0-4E4C-B144-0266F12BD716}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{56680D83-B86A-44DE-919F-1B6187991A35}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{56EC19ED-446E-43DA-9935-57D00920C826}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{593B16D3-AA6C-4DB2-BB2A-CC1EA7AB8964}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{5B299A49-5340-494A-9FC2-8AC3DC5F5305}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{5CA5A646-DDAD-48C2-AF24-9E34C30CC8F6}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{5CC48BA0-0588-430F-842E-9039BBAB8EAF}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{5E1F368B-146D-4A6B-8D1D-F92328E66A10}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{5F24AC3E-C176-4006-AAA6-921C543294C6}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{5F79298C-144B-4A66-9434-9B99BFC6BB0F}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{5FB0B6D8-1F4A-4D16-A5F4-D6A637518C21}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{6001805E-0FF0-412A-9D6B-9C28E40A80CC}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{6006F90A-8EEA-427C-908A-F20BBBAF9ADF}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{61082136-45A0-4ADE-96AC-839A14B122BE}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{61E6E9C4-1077-467A-A7AC-CC2E532BDA67}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{62055778-52AA-4D66-98B2-FDB97F38E2C9}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{622B4210-31B6-4867-8106-05C3FFDA224E}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{631626E8-03FF-471C-AE46-F89A324A4635}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{663539FD-CCA7-45D8-8F12-4B713E1FABCE}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{664E4050-E70F-4344-B36A-82C721737D24}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{66A66ABE-9AEF-49EC-8B0A-E6041317C3AA}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{66D4C460-DC7D-43FE-8E19-5ED4F988999E}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{68C31882-BAFC-47EC-935A-FFDCA6F340F5}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{69C4057E-BD03-4412-84DF-835A159AE35B}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{6CB4C775-FEB1-457F-9399-F608C92ABA49}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{704D69AE-4735-4496-84B1-6D4167F8E062}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{70F3C310-E752-464E-9DBD-ABD0A443FDE8}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{70FA9D49-3E83-4510-A622-A8CB5D41FB2F}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{717E1598-79EE-4E4E-A22A-5B4905842C28}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{731E3F70-E8A5-4DAA-A4F9-AC948E4E0BD7}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{743F64CC-7EB2-47DD-8A27-5A97492B8105}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{74CBEA29-00D2-42DB-8C84-6592AD7AF3C4}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{74E944BD-E1E5-498E-980B-F31E3D758C4B}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{76487069-5087-4EFF-A4D2-BFA6EC548DE2}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{76E253CC-20E4-47D5-80E8-EF4C12ECC744}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{7781E6E2-C3E8-423C-8305-13319B25BC8C}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{77C1518F-B011-47C9-A2C7-E8E3D3E856DC}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{780157D7-305C-4EF6-80FD-EF3FCD386C41}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{78C03878-8A85-4552-B559-D030412266D4}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{7959D9C6-3D5E-4E81-8232-48ED378AD04E}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{79FFB4C4-A0C0-41B5-89C4-048AC3BE5B77}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{7A1AB103-6742-495E-A881-E0BA98B7865B}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{7AC999E8-7DAD-449B-9B2A-0083F79E9C3D}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{7B693387-E4C0-4668-8FD8-EA2910EB00F7}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{7B89CABE-1225-4B8B-A1BA-01832CBDD657}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{7D6B940A-4793-4817-8BCA-D6214888D83A}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{7E09A550-3BDC-4213-9898-A7DF0B504B04}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{7ED348CD-4992-410B-9D2F-F924F105ED1A}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8015AF7E-C918-47BE-A7DB-85F8A3F50B7B}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{806832AB-D725-4F62-A614-A2B366708562}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{831E0CF1-E497-430D-B4E2-FE66DAD55E61}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8466424D-28B2-4DE8-8C10-9F42DE0D1812}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{863546CD-3435-4705-9C5F-28A1AD8DCC57}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{86577EE1-B6DB-4711-A068-3BF8058F4027}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{869497E8-19C1-4475-B579-79E14D52BDE1}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{890481E2-D243-484F-95CE-8263F5A605F1}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8B5359AC-3261-4BE0-AABC-DFFE137BDE74}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8BDFCA15-74E1-4C67-A06F-5853C7DDB427}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8C6FC59B-D71E-4577-9689-4A24BB753875}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8CAFC7C7-4CA4-43EB-ABBC-55ECBE583DE9}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8D858745-06C0-4E2F-B22E-2A5595CB83BF}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8E3F743D-48F2-4686-8533-B1D84389E840}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8E5FBA6A-12C6-4506-A2F5-D4E873031F0B}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8E7A56CB-1CAB-4572-89E6-8A4D87579D9E}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{8FEB2FDB-7476-46DA-A526-8B493716683D}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{925D6CBE-6B69-437D-9307-A773FE23F1C4}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{95757C7F-0843-4177-99D2-A05D55758F95}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{963F2223-4C7C-4498-B614-7A2866E22077}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{97EEDFF0-49DD-43C4-9D76-52D03FC81C08}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9869A723-D4EF-414F-BFF4-A28FFBC034DB}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9AB65DE6-A5D7-4390-8841-30248AC7D6BD}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9B0521DB-531D-4FCC-BEE9-782A2016D173}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9B4051D1-569E-490A-8A78-16283D4D666F}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9C4B9FA9-FE3A-42ED-B76D-E0558E43872F}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9D443D1D-A0B1-4ADB-BFBA-CA29FE0B2907}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9D6B1544-A2D5-4963-8184-452C6D0D5BF3}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9E4C4F85-FC10-48A9-828C-492F5CD33C60}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9E8391AA-7AE0-484E-8BE9-9688BC0A8D71}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{9E915023-1CB9-4482-8377-31CA6ED4E8F8}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{A0B9BFB0-8912-45BD-B587-BC5245FEE489}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{A32658D3-DD8F-4F4D-BDAA-92C267C611E3}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{A3F45E8C-FB92-4A2B-8638-7D4847D106B2}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{A457CD67-817F-4341-B53A-8A9001127ACA}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{A4FC691F-5A52-49F5-AD33-C79EE06D6F1B}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{AA86C2C8-DE9C-405D-9B6B-2E9D8F079D91}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{AC7F19A7-2F8A-4C0B-BA2F-8964A74C798F}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{AED06B3F-B0E6-4D0D-9DE8-DA452DA30F6E}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{B1092118-18E0-4BA4-AE44-D99538566E08}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{B281BC16-F444-4874-AC00-BBBCC699A01D}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{B3C06AED-70C8-443E-8B81-9A55E56E1697}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{B4DD8523-CB90-4D08-ACDA-717DD10AB848}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{B5F92842-055E-4171-B1DF-F5667E4EA1BC}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{B6201C06-6B0F-42CA-B7F7-E4AC93F33A63}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{B8D7BC88-3574-488B-8105-25DB6963D960}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{B9E8B870-43C4-48DB-A97E-C409B4EB2E49}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{BBEF33DD-0D47-4791-A0EF-1C8E153E1AAA}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{BC6EF5A8-109E-4AA7-99AD-6E1426DA81E6}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{BD9FC7CA-9D99-4942-8CB9-4B0CF1BA83AE}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{C25329CA-BFCA-4704-9B9E-3A043F26C957}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{C2C9E0F9-35A1-4732-8089-422BC581DE67}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{C44ED921-E84E-4476-A7F7-0869D4354061}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{C4E374F2-20E4-4029-8EB9-9336FEF7FD76}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{C5ADB594-E334-465E-A41E-234A803D81D6}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{C5AF75EF-FC96-43B2-8E46-5EBF62DA59F5}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{C8935265-AED5-44EC-AEB2-F37D4F618EF2}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{C9861488-609F-45AF-A529-62F335AC5236}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{CA300508-60C9-4780-B95A-FDA124BABB51}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{CC2B6789-8274-46F6-BC5B-D70E60282452}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{CDE560B3-416D-4C8C-83EE-2DF273626C57}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{CE313124-2B0B-4BEE-ABAA-4DAAC82FDA81}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{CE965509-243F-4A46-A89D-2FB3668432E9}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{CF400517-57E0-4DDC-810F-E0AA2BC13E5D}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{D1D9B5AD-AE8A-4A21-B946-A23BDF726F9E}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{D22A5B1F-7990-423E-9068-7D74C52431A0}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{D233D9ED-32D0-4F00-A009-683AD6C3733C}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{D2AAD862-5806-484B-8BBF-39F3CC9138BC}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{D2AB975B-0C3F-40E2-BD0B-75CA6812D888}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{D5BABF93-C230-4E3B-980C-5F27EF5CABA5}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{D69EB32D-BD5A-4764-AC28-37773FA0EDF1}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{D6AA445F-A485-4A7D-AE9D-246D65CF2CCB}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{DACEDC17-6B76-454C-B47B-1C0BAA001FD8}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{DAFA3A03-4604-43E2-84B7-FC622E65AD29}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{DB0B9D30-12F5-4C19-A1C3-9C7AA742A0EA}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{DEB0A7C8-0D23-44A9-B878-BA64970CF6DC}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{E1685D26-4EEC-48F2-89C2-C4D86C478C45}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{E59103C0-2FEF-4C1B-AB2E-EC27DCA6D2F4}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{E591FB1E-8DD9-43AF-AE0C-EEADF4872A30}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{E844CB4D-821C-4D7D-B3CD-05D1BD57472B}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{EB022DFB-5834-4F94-9C29-7218DAECAD59}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{EB4E36AA-3FBC-48B8-9FAF-D2A6BAD598C8}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{EB55BFC6-FBE0-4DEA-89D6-FCB80F4BDDB8}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{EF0BC073-4C14-4951-B5B0-F4437E1A6838}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{EF66C00F-66EB-442B-B90D-61726B5C6B94}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{EFA95DAD-1CD5-4574-8EE5-C5D84E906D40}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{F409EDFC-156E-4E1C-8FEA-150C7C5FD16E}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{F49AAF1A-9D07-485C-9AF1-95FB1B4DF2AE}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{F749A3EF-BDED-4C48-A0DB-6420E43829BE}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{F785FB4E-AD0C-4939-953C-D3CA844FE6F7}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{F8A62D8C-EDAF-4CB4-85F9-94D3406A3A42}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{F9337F9F-9EA0-413C-AE51-166C26432320}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{FA3825F1-5C16-4C8E-A84C-3AF30C019B1F}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{FB1CC6DB-0B0A-4CE7-995C-7FBC5CAD08C7}
    Successfully deleted: [Empty Folder] C:\Users\kiss161\appdata\local\{FB97FE6D-87BD-4D56-B1E6-530DBDA742AE}



    ~~~ FireFox

    Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml"
    Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old"
    Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\websearch.xml"
    Successfully deleted: [File] C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\user.js
    Successfully deleted: [File] C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
    Successfully deleted: [File] C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\searchplugins\web search.xml
    Successfully deleted: [File] C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\searchplugins\websearch.xml
    Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\infoatoms@infoatoms.com"
    Failed to delete: [Folder] "C:\Program Files\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
    Successfully deleted: [Folder] C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\extensions\helperbar@helperbar.com
    Failed to delete: [Folder] C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\extensions\wecarereminder@bryan
    Failed to delete: [Folder] C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}
    Successfully deleted: [Folder] C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\extensions\{c9b68337-e93a-44ea-94dc-cb300ec06444}
    Successfully deleted: [Folder] C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\infoatoms@infoatoms.com
    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\onetab@onetab.net
    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\webbooster@iminent.com
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.bdupdater.com/bonanzadealslive update;version=3
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.bdupdater.com/bonanzadealslive update;version=9
    Successfully deleted the following from C:\Users\kiss161\AppData\Roaming\mozilla\firefox\profiles\nyqft85r.default\prefs.js

    user_pref("CT3247201.autoDisableScopes", -1);
    user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=114874&tt=4312_1&babsrc=NT_ss&mntrId=88265a4b000000000000001a92271160");
    user_pref("browser.search.order.1", "Web Search");
    user_pref("browser.startup.homepage", "hxxp://mysearch.avg.com?cid={AA89DD5E-F580-4236-AF71-F84A72B7CFBB}&mid=06a31180d74e47d38c38d153d4c3f893-bbb3d8d61ef6b68186f44149e3aba39e
    user_pref("extensions.BabylonToolbar.admin", false);
    user_pref("extensions.BabylonToolbar.aflt", "babsst");
    user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
    user_pref("extensions.BabylonToolbar.autoRvrt", "false");
    user_pref("extensions.BabylonToolbar.dfltLng", "en");
    user_pref("extensions.BabylonToolbar.excTlbr", false);
    user_pref("extensions.BabylonToolbar.id", "88265a4b000000000000001a92271160");
    user_pref("extensions.BabylonToolbar.instlDay", "15637");
    user_pref("extensions.BabylonToolbar.instlRef", "na");
    user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
    user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
    user_pref("extensions.BabylonToolbar.tlbrId", "base");
    user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=88265a4b000000000000001a92271160&q=");
    user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
    user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
    user_pref("extensions.BabylonToolbar_i.babExt", "");
    user_pref("extensions.BabylonToolbar_i.babTrack", "affID=114874&tt=4312_1");
    user_pref("extensions.BabylonToolbar_i.newTab", false);
    user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
    user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
    user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.822:53:44");
    user_pref("extensions.helperbar.SmartbarDisabled", false);
    user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
    user_pref("browser.startup.homepage", "hxxp://start.iminent.com/?appId=100048AF-5E57-4D61-AE08-4147D7533AC3");



    ~~~ Chrome

    Successfully deleted: [Folder] C:\Users\kiss161\appdata\local\Google\Chrome\User Data\Default\Extensions\cbnocfnjkmlljbfgpkbhefnlpbiemhif
    Successfully deleted: [Folder] C:\Users\kiss161\appdata\local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\cbnocfnjkmlljbfgpkbhefnlpbiemhif
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Thu 11/28/2013 at 20:53:23.83
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    RogueKiller V8.7.9 [Nov 25 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7600 ) 32 bits version
    Started in : Normal mode
    User : kiss161 [Admin rights]
    Mode : Remove -- Date : 11/28/2013 21:00:40
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 6 ¤¤¤
    [HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
    [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Scheduled tasks : 2 ¤¤¤
    [V1][SUSP PATH] Playtopus Updater.job : C:\Windows\System32\rundll32.exe - C:\Users\kiss161\AppData\Local\PLAYTO~1\Updater.dll,ProcessRequest [7][-][x] -> DELETED
    [V2][SUSP PATH] Playtopus Updater : C:\Windows\System32\rundll32.exe - C:\Users\kiss161\AppData\Local\PLAYTO~1\Updater.dll,ProcessRequest [7][-][x] -> DELETED

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Maxtor 6L300R0 ATA Device +++++
    --- User ---
    [MBR] a3b06ddbbe2e9cd68fdfc8368055adb6
    [BSP] 8b3527ae0bb0d3ed14f1e27d7a750f0a : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 286179 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_D_11282013_210040.txt >>
    RKreport[0]_S_11282013_210033.txt




     
    Last edited: Nov 28, 2013
  5. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26
    thx ddp and happy thanksgiving to you and your family
     
  6. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26
    i couldnt download -AdwCleaner- and thx again 2oldGeek
     
  7. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    You're more than welcome, neptune.

    That probably got the most of your infection. Running OK?

    If you would like, I can look over a scan and fix anything it missed..

    to do that:

    Please download OTL by OldTimer to your Desktop.

    If you already have a copy of OTL, delete it and use this version.

    Double click OTL.exe to launch the program.

    Check the following.
    Scan all users.
    Standard Output.
    Lop check.
    Purity check.
    Under Extra Registry section, select Use SafeList
    Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).

    When finished it will produce two logs.
    OTL.txt (open on your desktop).
    Extras.txt (minimized in your taskbar)

    Please post me both logs


    I'll check it and write a fix for any leftovers.
    have a happy'
    2oG
     
  8. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26
    OTL logfile created on: 12/1/2013 6:41:05 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kiss161\Downloads
    Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.97 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 33.36% Memory free
    5.93 Gb Paging File | 3.67 Gb Available in Paging File | 61.78% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 279.47 Gb Total Space | 14.93 Gb Free Space | 5.34% Space Free | Partition Type: NTFS

    Computer Name: KISS161-PC | User Name: kiss161 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/12/01 18:39:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kiss161\Downloads\OTL.exe
    PRC - [2013/11/21 20:42:22 | 002,334,384 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
    PRC - [2013/11/21 20:42:21 | 001,643,696 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe
    PRC - [2013/11/21 20:42:19 | 000,161,968 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\loggingserver.exe
    PRC - [2013/11/14 06:29:33 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    PRC - [2013/11/01 15:11:20 | 000,067,584 | ---- | M] (PasswordBox, Inc.) -- C:\Program Files\PasswordBox\pbbtnService.exe
    PRC - [2013/07/06 22:35:39 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
    PRC - [2013/05/23 10:26:30 | 003,298,864 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files\mIRC\mirc.exe
    PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012/03/29 13:22:04 | 002,648,576 | ---- | M] (LIGHTNING UK!) -- C:\Program Files\ImgBurn\ImgBurn.exe
    PRC - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    PRC - [2012/02/29 15:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    PRC - [2012/02/29 15:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    PRC - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    PRC - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    PRC - [2011/07/15 23:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/11/06 21:24:32 | 001,866,864 | ---- | M] (PeerBlock, LLC) -- C:\Program Files\PeerBlock\peerblock.exe
    PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2010/03/06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009/07/13 20:14:13 | 000,776,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
    PRC - [2009/03/19 11:44:50 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    PRC - [2009/03/19 11:44:28 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
    PRC - [2008/02/19 09:12:18 | 000,537,256 | ---- | M] ( ) -- C:\Windows\System32\lxbkcoms.exe
    PRC - [2007/01/13 18:14:04 | 000,158,672 | ---- | M] (Aelitis) -- C:\Azureus\Azureus.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/11/21 20:42:23 | 000,145,072 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\SiteSafety.dll
    MOD - [2013/11/21 20:42:22 | 002,334,384 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
    MOD - [2013/11/21 20:42:22 | 000,521,904 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\log4cplusU.dll
    MOD - [2013/11/14 06:29:31 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppgooglenaclpluginchrome.dll
    MOD - [2013/11/14 06:29:29 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
    MOD - [2013/11/14 06:28:34 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
    MOD - [2013/10/08 23:13:41 | 016,233,864 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_117.dll
    MOD - [2013/07/06 22:35:48 | 000,835,584 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
    MOD - [2013/07/06 22:35:48 | 000,312,832 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
    MOD - [2013/07/06 22:35:48 | 000,158,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
    MOD - [2013/07/06 22:35:48 | 000,101,888 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
    MOD - [2013/07/06 22:35:48 | 000,096,256 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
    MOD - [2013/07/06 22:35:48 | 000,094,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
    MOD - [2013/07/06 22:35:48 | 000,093,696 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
    MOD - [2013/07/06 22:35:48 | 000,073,728 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
    MOD - [2013/07/06 22:35:48 | 000,067,072 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
    MOD - [2013/07/06 22:35:48 | 000,062,976 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
    MOD - [2013/07/06 22:35:48 | 000,057,344 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
    MOD - [2013/07/06 22:35:48 | 000,038,912 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
    MOD - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
    MOD - [2010/03/24 20:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2007/01/13 18:14:04 | 000,069,632 | ---- | M] () -- C:\Azureus\aereg.dll


    ========== Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe /medsvc -- (bonanzadealslivem)
    SRV - File not found [Auto | Stopped] -- C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe /svc -- (bonanzadealslive)
    SRV - [2013/11/21 20:42:21 | 001,643,696 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe -- (vToolbarUpdater17.1.3)
    SRV - [2013/11/01 15:11:20 | 000,067,584 | ---- | M] (PasswordBox, Inc.) [Auto | Running] -- C:\Program Files\PasswordBox\pbbtnService.exe -- (PasswordBox)
    SRV - [2013/10/08 23:13:43 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/10/24 16:06:35 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
    SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
    SRV - [2012/01/29 23:56:03 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010/03/25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/03/19 11:48:08 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
    SRV - [2009/03/19 11:44:50 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
    SRV - [2008/02/19 09:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbkcoms.exe -- (lxbk_device)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\kiss161\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\kiss161\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
    DRV - [2013/11/21 20:42:23 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
    DRV - [2013/04/24 16:03:37 | 000,028,760 | ---- | M] (Olof Lagerkvist) [Kernel | On_Demand | Stopped] -- C:\UBCD4Win\imdisk.sys -- (ImDisk)
    DRV - [2013/03/18 21:13:46 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
    DRV - [2013/01/22 14:25:54 | 000,063,464 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
    DRV - [2012/04/13 10:05:06 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
    DRV - [2012/02/29 18:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2011/06/09 16:11:29 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV - [2010/11/09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
    DRV - [2010/11/06 21:24:32 | 000,020,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
    DRV - [2010/04/12 03:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2010/03/10 16:25:58 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz133_x32.sys -- (cpuz133)
    DRV - [2010/01/26 21:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
    DRV - [2009/08/04 10:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
    DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
    DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
    DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
    DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2009/07/13 17:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
    DRV - [2009/07/06 10:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
    DRV - [2009/03/19 11:45:38 | 000,038,240 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
    DRV - [2009/03/19 11:45:34 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
    DRV - [2009/03/19 11:45:32 | 000,131,976 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
    DRV - [2009/03/19 11:44:34 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
    DRV - [2009/03/19 11:41:38 | 000,113,960 | ---- | M] (ESET) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
    DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
    DRV - [2004/08/13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
    IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 8E CE C6 FF 23 CC 01 [binary data]
    IE - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
    IE - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
    IE - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    IE - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\..\SearchScopes\{041BBFBD-3D41-4CFC-8561-5D40BA0BDF39}: "URL" = http://www.google.com/search?q={sea...rce}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;192.168.*.*;*.local;<local>


    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
    FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
    FF - prefs.js..extensions.enabledAddons: textlinks@epicplay.com:1.0.0
    FF - prefs.js..extensions.enabledAddons: wecarereminder@bryan:5.0.7.0
    FF - prefs.js..extensions.enabledAddons: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
    FF - prefs.js..extensions.enabledAddons: helperbar@helperbar.com:1.0
    FF - prefs.js..extensions.enabledAddons: links@playtopus.com:1.0.0
    FF - prefs.js..extensions.enabledAddons: {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d}:10.13.40.15
    FF - prefs.js..extensions.enabledAddons: {5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}:1.26
    FF - prefs.js..extensions.enabledAddons: {87934c42-161d-45bc-8cef-ef18abe2a30c}:2.5
    FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:5.30.4
    FF - prefs.js..extensions.enabledAddons: infoatoms@infoatoms.com:1.4.0.0
    FF - prefs.js..extensions.enabledAddons: support@vdownloader.com:3.9.1155
    FF - prefs.js..extensions.enabledAddons: daplinkchecker@speedbit.com:1.0.0.8
    FF - prefs.js..extensions.enabledAddons: webbooster@iminent.com:6.5.5.1
    FF - prefs.js..keyword.URL: ""
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
    FF - prefs.js..browser.search.selectedEngine: "StartWeb"
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: C:\Program Files\EpicPlay\npEpicHost.dll File not found
    FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files\VDownloader\Addons\FireFox [2013/09/26 22:00:24 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/11/26 14:12:27 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/11/26 14:12:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\daplinkchecker@speedbit.com: C:\Program Files\DAP\daplinkchecker [2012/07/17 06:27:26 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.1.3.2 [2013/11/21 20:42:55 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\extension@Fast_Free_Converter.com: C:\Program Files\Fast Free Converter\FastFreeConverter\extension@Fast_Free_Converter.com
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\firefox@passwordbox.com: C:\Program Files\PasswordBox\Firefox [2013/11/21 20:42:57 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/08/06 17:21:09 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/28 20:50:08 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/11/03 23:51:37 | 000,000,000 | ---D | M]

    [2013/03/18 21:57:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Extensions
    [2013/11/28 20:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions
    [2012/12/02 23:23:06 | 000,000,000 | ---D | M] (InternetHelper1.5) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions\{1930e38a-deef-4cf4-9bfb-9c4ea3689a9d}
    [2013/06/05 05:04:24 | 000,000,000 | ---D | M] (getsav-in) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions\getsav-in@jetpack
    [2013/03/18 21:15:44 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
    [2013/06/26 10:27:04 | 000,000,000 | ---D | M] (Playtopus) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions\links@playtopus.com
    [2011/09/15 15:12:09 | 000,000,000 | ---D | M] (EpicPlay Games) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions\textlinks@epicplay.com
    [2013/11/28 20:52:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions\wecarereminder@bryan
    [2013/08/14 13:58:45 | 000,613,889 | ---- | M] () (No name found) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions\webbooster@iminent.com.xpi
    [2013/11/21 20:43:51 | 000,003,726 | ---- | M] () -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\searchplugins\safeguard-secure-search.xml
    [2013/11/28 20:52:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    File not found (No name found) -- C:\USERS\KISS161\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NYQFT85R.DEFAULT\EXTENSIONS\{F9D03C26-0575-497E-821D-F7956D23E0CA}
    [2013/04/16 14:37:54 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2013/03/18 21:15:42 | 000,000,628 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
    [2011/08/11 22:16:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
    [2013/11/21 20:42:59 | 000,003,726 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml
    [2013/01/10 14:08:36 | 000,002,147 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\StartWeb.xml
    [2013/03/18 21:57:23 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearch.xml

    ========== Chrome ==========

    CHR - default_search_provider: StartWeb (Enabled)
    CHR - default_search_provider: search_url = http://start.iminent.com/?appId=100048AF-5E57-4D61-AE08-4147D7533AC3&ref=toolbox&q={searchTerms}
    CHR - default_search_provider: suggest_url = ,
    CHR - homepage: http://start.iminent.com/?appId=100048AF-5E57-4D61-AE08-4147D7533AC3
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
    CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
    CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime Alternative\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime Alternative\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime Alternative\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime Alternative\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime Alternative\plugins\npqtplugin5.dll
    CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    CHR - plugin: EpicPlay NPAPI Display Host (Enabled) = C:\Program Files\EpicPlay\npEpicHost.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
    CHR - plugin: VDownloader (Enabled) = C:\Program Files\VDownloader\Addons\npVDownloader.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
    CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
    CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\agogmgfohokgmpiendjpnapecmdlmccg\1.0_0\
    CHR - Extension: DAP Link Checker = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.133_0\
    CHR - Extension: DAP Link Checker = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Bookmark Manager = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoccbpoodnckjdnackiffhjfkogfhnhh\3.2.800\
    CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.10_0\
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcemhggbahmlmhgnbpbbdaklcojhbecn\2.0.0.0_0\
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\5.8.13.1_0\
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.33.3.1_0\
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.35.1.1_0\
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.36.1.1_0\
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl\5.0_0\
    CHR - Extension: No name found = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
    CHR - Extension: Google Wallet = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
    CHR - Extension: Google Wallet = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_1\
    CHR - Extension: Google Wallet = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
    CHR - Extension: Google Wallet = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
    CHR - Extension: Shockwave Flash = C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2013/09/07 15:14:56 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
    O3 - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll File not found
    O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
    O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
    O4 - HKU\S-1-5-21-3401892445-2355830655-492447471-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-21-3401892445-2355830655-492447471-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files\Adblock Pro\blockimg.html ()
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
    O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll (Adblock Pro Team)
    O9 - Extra 'Tools' menuitem : Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll (Adblock Pro Team)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B54F3D9F-6AD8-4A99-9B33-B40E86E04B35}: DhcpNameServer = 192.168.2.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/11/29 12:19:46 | 000,000,000 | ---D | C] -- C:\Users\kiss161\Desktop\david pics 112013
    [2013/11/28 20:55:01 | 000,000,000 | ---D | C] -- C:\Users\kiss161\Desktop\RK_Quarantine
    [2013/11/28 20:49:34 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2013/11/23 12:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
    [2013/11/23 12:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
    [2013/11/21 20:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\PasswordBox
    [2013/11/19 17:26:49 | 000,000,000 | ---D | C] -- C:\Users\kiss161\.swt
    [2013/11/09 22:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanMyPC Registry Cleaner
    [2013/11/09 22:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\CleanMyPC
    [2013/11/09 22:56:21 | 000,000,000 | ---D | C] -- C:\Users\kiss161\Desktop\New folder
    [2013/11/05 20:05:39 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2013/11/05 20:02:51 | 000,000,000 | --SD | C] -- C:\ComboFix
    [2013/11/03 23:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
    [2013/11/03 23:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
    [2013/11/03 23:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2013/11/03 22:35:07 | 000,663,552 | ---- | C] (ESET) -- C:\ESETUninstaller.exe
    [2011/06/07 21:35:38 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\kiss161\AppData\Roaming\pcouffin.sys
    [2011/06/06 00:02:43 | 000,108,424 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\APNStub.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/12/01 18:42:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/12/01 18:26:36 | 000,022,400 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/12/01 18:26:36 | 000,022,400 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/12/01 18:13:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/12/01 18:08:17 | 000,000,080 | ---- | M] () -- C:\Users\kiss161\Desktop\Connected Devices.url
    [2013/11/30 20:42:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/11/29 20:30:52 | 000,659,580 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2013/11/29 20:30:52 | 000,120,508 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2013/11/29 20:26:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/11/29 20:26:25 | 2389,614,592 | -HS- | M] () -- C:\hiberfil.sys
    [2013/11/29 14:26:33 | 000,188,200 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
    [2013/11/29 12:33:42 | 000,000,085 | ---- | M] () -- C:\Users\kiss161\Desktop\20% Off Coupon Unique 11.url
    [2013/11/28 15:58:08 | 001,424,826 | ---- | M] () -- C:\Users\kiss161\Desktop\kia.JPG
    [2013/11/28 15:46:49 | 001,969,325 | ---- | M] () -- C:\Users\kiss161\Desktop\ford hubcap.JPG
    [2013/11/28 15:32:38 | 000,670,774 | ---- | M] () -- C:\Users\kiss161\Desktop\filters.JPG
    [2013/11/23 23:05:19 | 000,001,189 | ---- | M] () -- C:\Users\kiss161\AppData\Roaming\vso_ts_preview.xml
    [2013/11/23 12:21:14 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
    [2013/11/21 20:42:23 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
    [2013/11/16 22:18:53 | 000,002,973 | ---- | M] () -- C:\Users\kiss161\Desktop\HiJackThis.lnk
    [2013/11/14 17:46:37 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2013/11/13 23:52:49 | 000,007,625 | ---- | M] () -- C:\Users\kiss161\AppData\Local\Resmon.ResmonCfg
    [2013/11/13 23:47:29 | 000,002,225 | ---- | M] () -- C:\Users\kiss161\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/11/12 17:42:19 | 000,001,130 | ---- | M] () -- C:\Users\kiss161\Desktop\Continue Zip Opener Installation.lnk
    [2013/11/09 22:58:40 | 000,001,071 | ---- | M] () -- C:\Users\kiss161\Desktop\CleanMyPC - Registry Cleaner.lnk
    [2013/11/05 21:53:09 | 099,690,728 | ---- | M] () -- C:\Users\kiss161\Desktop\7601.17514.101119-1850_Update_Sp_Wave1-GRMSP1.1_DVD.iso
    [2013/11/03 22:35:07 | 000,663,552 | ---- | M] (ESET) -- C:\ESETUninstaller.exe
    [2013/11/03 13:42:46 | 000,057,069 | ---- | M] () -- C:\Windows\System32\epfwdata.bin
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/12/01 18:43:04 | 730,982,400 | ---- | C] () -- C:\Users\kiss161\Desktop\ewdp-natlamchrisvac.xvid.avi
    [2013/12/01 18:08:18 | 000,000,080 | ---- | C] () -- C:\Users\kiss161\Desktop\Connected Devices.url
    [2013/11/29 14:26:33 | 000,188,200 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2013/11/29 12:33:43 | 000,000,085 | ---- | C] () -- C:\Users\kiss161\Desktop\20% Off Coupon Unique 11.url
    [2013/11/28 15:58:05 | 001,424,826 | ---- | C] () -- C:\Users\kiss161\Desktop\kia.JPG
    [2013/11/28 15:46:44 | 001,969,325 | ---- | C] () -- C:\Users\kiss161\Desktop\ford hubcap.JPG
    [2013/11/28 15:32:37 | 000,670,774 | ---- | C] () -- C:\Users\kiss161\Desktop\filters.JPG
    [2013/11/23 12:21:14 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
    [2013/11/19 18:14:13 | 734,705,664 | ---- | C] () -- C:\Users\kiss161\Desktop\mm-home.alone.4.dvdrip.xvid.avi
    [2013/11/12 20:42:47 | 000,002,973 | ---- | C] () -- C:\Users\kiss161\Desktop\HiJackThis.lnk
    [2013/11/12 17:42:19 | 000,001,130 | ---- | C] () -- C:\Users\kiss161\Desktop\Continue Zip Opener Installation.lnk
    [2013/11/09 23:20:23 | 000,002,225 | ---- | C] () -- C:\Users\kiss161\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/11/09 23:20:23 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2013/11/09 22:58:40 | 000,001,071 | ---- | C] () -- C:\Users\kiss161\Desktop\CleanMyPC - Registry Cleaner.lnk
    [2013/11/05 21:49:10 | 099,690,728 | ---- | C] () -- C:\Users\kiss161\Desktop\7601.17514.101119-1850_Update_Sp_Wave1-GRMSP1.1_DVD.iso
    [2013/11/03 13:42:46 | 000,057,069 | ---- | C] () -- C:\Windows\System32\epfwdata.bin
    [2013/08/13 05:15:39 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2013/03/02 21:19:44 | 000,000,046 | ---- | C] () -- C:\Users\kiss161\jagex_cl_oldschool_LIVE.dat
    [2013/03/02 21:19:44 | 000,000,024 | ---- | C] () -- C:\Users\kiss161\random.dat
    [2013/01/27 09:35:06 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll
    [2013/01/27 09:35:04 | 000,007,168 | ---- | C] () -- C:\Windows\System32\CHKPROC.DLL
    [2013/01/27 09:35:03 | 000,040,448 | ---- | C] () -- C:\Windows\System32\regobj.dll
    [2012/12/08 08:39:28 | 000,008,643 | ---- | C] () -- C:\Windows\wininit.ini
    [2012/12/07 17:41:05 | 000,007,625 | ---- | C] () -- C:\Users\kiss161\AppData\Local\Resmon.ResmonCfg
    [2012/12/02 12:53:13 | 000,011,448 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys
    [2012/12/02 12:53:01 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
    [2012/12/02 12:53:01 | 000,011,296 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
    [2012/12/02 12:52:04 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2012/11/04 21:14:36 | 000,001,189 | ---- | C] () -- C:\Users\kiss161\AppData\Roaming\vso_ts_preview.xml
    [2012/10/24 21:21:50 | 000,000,092 | ---- | C] () -- C:\Windows\crw.ini
    [2012/10/24 21:21:28 | 000,001,637 | ---- | C] () -- C:\Windows\S10Demo.ini
    [2012/10/24 21:21:28 | 000,000,363 | ---- | C] () -- C:\Windows\MIREPAIR.INI
    [2012/10/24 21:21:28 | 000,000,023 | ---- | C] () -- C:\Windows\Widgets.ini
    [2012/10/24 21:21:26 | 000,000,410 | ---- | C] () -- C:\Windows\ODBC.INI
    [2012/10/24 21:21:26 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
    [2012/10/24 21:20:46 | 000,000,123 | ---- | C] () -- C:\Windows\TAMSPricePurchase.ini
    [2012/10/24 21:20:45 | 000,244,736 | ---- | C] () -- C:\Windows\System32\TAB32D20.DLL
    [2012/10/24 21:20:44 | 000,139,264 | ---- | C] () -- C:\Windows\System32\MCDPartsOrder.dll
    [2012/10/24 21:20:44 | 000,094,208 | ---- | C] () -- C:\Windows\System32\PPrQpnConnect.dll
    [2012/10/24 21:20:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ODVehicle.dll
    [2012/10/24 16:07:23 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
    [2012/10/23 21:33:17 | 000,000,128 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    [2012/10/23 21:32:34 | 000,114,688 | ---- | C] () -- C:\Windows\System32\XCTranNet2.dll
    [2012/10/23 00:49:19 | 000,446,258 | ---- | C] () -- C:\Windows\AutoKMS.exe
    [2012/07/17 06:27:23 | 000,109,256 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
    [2012/07/17 06:27:23 | 000,090,824 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
    [2012/01/28 01:11:15 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
    [2012/01/03 02:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\System32\abgx360.exe
    [2011/12/14 22:10:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/12/14 22:10:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/12/14 22:10:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/12/14 22:10:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/12/14 22:10:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/12/09 20:13:25 | 000,000,046 | ---- | C] () -- C:\Users\kiss161\jagex_cl_runescape_LIVE.dat
    [2011/10/11 23:18:36 | 000,004,608 | ---- | C] () -- C:\Users\kiss161\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/10/01 14:49:12 | 000,000,027 | ---- | C] () -- C:\Users\kiss161\AppData\Roaming\RSBot_Accounts.ini
    [2011/08/24 21:02:16 | 000,000,129 | ---- | C] () -- C:\Users\kiss161\jagex_runescape_preferences2.dat
    [2011/07/25 17:34:03 | 000,000,000 | ---- | C] () -- C:\Users\kiss161\AppData\Roaming\.NANotifyHere
    [2011/07/10 18:06:30 | 000,000,035 | ---- | C] () -- C:\Users\kiss161\jagex_RuneScape_preferences.dat
    [2011/06/07 21:35:38 | 000,007,887 | ---- | C] () -- C:\Users\kiss161\AppData\Roaming\pcouffin.cat
    [2011/06/07 21:35:38 | 000,001,144 | ---- | C] () -- C:\Users\kiss161\AppData\Roaming\pcouffin.inf
    [2011/06/06 00:02:44 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe

    ========== ZeroAccess Check ==========

    [2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 09:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2012/05/30 14:42:36 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\.minecraft
    [2013/09/14 10:54:24 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\0H1F2WtF1L1G1R
    [2011/09/06 18:25:08 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\2Flyer
    [2013/01/21 23:06:54 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\abgx360
    [2013/01/04 18:13:58 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\AnvSoft
    [2011/07/03 10:35:15 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Apowersoft
    [2011/09/26 15:04:11 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Audacity
    [2013/06/29 22:22:10 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\AVG
    [2013/12/01 18:44:26 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Azureus
    [2011/06/09 16:12:53 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\DAEMON Tools Lite
    [2011/06/05 23:29:52 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\ESET
    [2012/08/23 22:10:21 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\EurekaLog
    [2011/06/19 10:45:17 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\GetRightToGo
    [2011/07/08 13:22:34 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Grasssoft
    [2012/05/03 14:01:49 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\IDoser
    [2011/09/25 22:27:10 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Image-Line
    [2013/09/16 14:19:03 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\ImgBurn
    [2012/12/15 22:52:36 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\MediaMonkey
    [2012/03/26 15:31:02 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Motorola
    [2012/07/16 06:41:07 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\New Technology Studio
    [2013/11/12 20:22:56 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\NoNameScript
    [2013/02/09 07:14:29 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Opera
    [2011/09/07 01:29:22 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\redsn0w
    [2013/03/18 21:15:42 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\SecureSearch
    [2012/06/02 17:29:23 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Skinux
    [2012/08/23 21:49:25 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\thecleaner
    [2011/09/09 00:40:07 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Tific
    [2013/09/07 14:38:19 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\TuneUp Software
    [2013/11/29 20:49:15 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\uTorrent
    [2013/11/30 16:54:19 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\VDownloader
    [2013/11/23 23:05:19 | 000,000,000 | ---D | M] -- C:\Users\kiss161\AppData\Roaming\Vso

    ========== Purity Check ==========



    ========== Files - Unicode (All) ==========
    [2013/11/23 23:30:52 | 000,000,071 | ---- | C] ()(C:\Users\kiss161\Desktop\? Dokken - The Hunter [HQ] - YouTube.url) -- C:\Users\kiss161\Desktop\&#9654; Dokken - The Hunter [HQ] - YouTube.url
    [2013/11/23 23:30:51 | 000,000,071 | ---- | M] ()(C:\Users\kiss161\Desktop\? Dokken - The Hunter [HQ] - YouTube.url) -- C:\Users\kiss161\Desktop\&#9654; Dokken - The Hunter [HQ] - YouTube.url
    [2013/09/30 20:11:08 | 000,000,070 | ---- | C] ()(C:\Users\kiss161\Desktop\? Vietnam Lost Films 4_6 - An Endless War [1968-1969] - YouTube.url) -- C:\Users\kiss161\Desktop\&#9654; Vietnam Lost Films 4_6 - An Endless War [1968-1969] - YouTube.url
    [2013/09/30 20:11:06 | 000,000,070 | ---- | M] ()(C:\Users\kiss161\Desktop\? Vietnam Lost Films 4_6 - An Endless War [1968-1969] - YouTube.url) -- C:\Users\kiss161\Desktop\&#9654; Vietnam Lost Films 4_6 - An Endless War [1968-1969] - YouTube.url
    [2013/09/30 19:59:43 | 000,000,070 | ---- | C] ()(C:\Users\kiss161\Desktop\? Vietnam War Documentary _ 06 Firepower _ How America Lost - YouTube.url) -- C:\Users\kiss161\Desktop\&#9654; Vietnam War Documentary _ 06 Firepower _ How America Lost - YouTube.url
    [2013/09/30 19:59:42 | 000,000,070 | ---- | M] ()(C:\Users\kiss161\Desktop\? Vietnam War Documentary _ 06 Firepower _ How America Lost - YouTube.url) -- C:\Users\kiss161\Desktop\&#9654; Vietnam War Documentary _ 06 Firepower _ How America Lost - YouTube.url
    [2013/09/21 10:16:36 | 000,000,071 | ---- | C] ()(C:\Users\kiss161\Desktop\? Rainbow - Street Of Dreams (official music video) HQ - YouTube.url) -- C:\Users\kiss161\Desktop\&#9654; Rainbow - Street Of Dreams (official music video) HQ - YouTube.url
    [2013/09/21 10:16:35 | 000,000,071 | ---- | M] ()(C:\Users\kiss161\Desktop\? Rainbow - Street Of Dreams (official music video) HQ - YouTube.url) -- C:\Users\kiss161\Desktop\&#9654; Rainbow - Street Of Dreams (official music video) HQ - YouTube.url

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 184 bytes -> C:\ProgramData\TEMP:FB1B13D8
    @Alternate Data Stream - 178 bytes -> C:\ProgramData\TEMP:ECF54A0E
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:56E2E879

    < End of report >



    OTL Extras logfile created on: 12/1/2013 6:41:05 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kiss161\Downloads
    Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.97 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 33.36% Memory free
    5.93 Gb Paging File | 3.67 Gb Available in Paging File | 61.78% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 279.47 Gb Total Space | 14.93 Gb Free Space | 5.34% Space Free | Partition Type: NTFS

    Computer Name: KISS161-PC | User Name: kiss161 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

    [HKEY_USERS\S-1-5-21-3401892445-2355830655-492447471-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0939E4BF-2252-43B9-9A91-12F21C3BB1E8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{1D2491CB-3402-49D3-BACA-A444681C6083}" = rport=138 | protocol=17 | dir=out | app=system |
    "{1D845094-7C86-4688-AEAE-DC02D874AF25}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{214034CC-75AA-42D1-A59B-1259ACF3CB26}" = lport=139 | protocol=6 | dir=in | app=system |
    "{3E94B9A1-F7AE-402E-AD26-07C648E2CBBB}" = lport=138 | protocol=17 | dir=in | app=system |
    "{880A83ED-0B8E-46AC-9D64-C8AC7861ACD3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{B2F10075-CBA2-4EA8-90FD-7317DC15EB30}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
    "{B33CF998-55B2-40FB-9026-368D382EA573}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{B9BC64B1-F988-4B9E-BE2D-1A18A9AA17EA}" = lport=137 | protocol=17 | dir=in | app=system |
    "{C7EF39A9-1252-4617-B864-56CFB15A8ED9}" = rport=137 | protocol=17 | dir=out | app=system |
    "{C9E09D68-5FD3-4D1A-B70D-AC0391288090}" = lport=445 | protocol=6 | dir=in | app=system |
    "{CAC389F5-5ED1-4790-9688-03A0D78FC481}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{E42C0C5D-E3CA-472E-9614-C1102A964934}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{ED0587C4-D8D6-4275-93BF-29339065ADF1}" = rport=445 | protocol=6 | dir=out | app=system |
    "{FB57E6F4-742B-4E7E-AA85-B33A40FF9AE3}" = rport=139 | protocol=6 | dir=out | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{1F02428B-D151-41EE-8294-7AED80BD31C6}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
    "{1F401186-11FC-4429-B3CC-609F1D95BEE5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "{2170E37A-BCA5-49D7-B3B3-E16BADBBDE73}" = protocol=6 | dir=in | app=c:\users\kiss161\appdata\local\akamai\netsession_win.exe |
    "{24523B5A-369C-4DFF-B781-9F353652F6D1}" = dir=in | app=c:\program files\iminent\iminent.exe |
    "{309E75D9-237B-4E66-B0E6-35184FEB6E83}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{3EF8550C-B4BB-472C-AC1B-BEFF07792453}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{412A5765-7452-4922-9E75-2049E8C91402}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{47754CC3-CBCA-4621-ABB9-F0B44B93E204}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{5019942B-35D2-4943-8913-AE756AFFA823}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
    "{55B8F4EC-584A-4EA1-A80B-98DBE4663C8E}" = dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
    "{55F73AAE-E07D-402E-8061-CBA0D7392A92}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
    "{622FD8CB-A67C-40B0-B122-F6A3456DCF8A}" = protocol=6 | dir=in | app=c:\program files\adblock pro\abpmain.exe |
    "{661DD879-76CD-4C74-AFD7-1442C2CECD82}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{8047B175-A9E7-4E87-8166-2401921F554C}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
    "{8431B26D-1B01-4E58-B557-23EB6C954D8C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
    "{8BDD7008-76AA-4FB0-B781-B355B0D77326}" = protocol=6 | dir=in | app=c:\users\kiss161\appdata\roaming\utorrent\utorrent.exe |
    "{96A5DA48-8990-4E39-B6E3-BE842AE78E3F}" = dir=in | app=c:\program files\iminent\iminent.messengers.exe |
    "{9BBEB5D6-EF09-4E5A-8555-F8377936555A}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
    "{A3B61019-7565-4638-A547-B06CE0B82C89}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{C972C088-AF00-42A2-8141-F63EF205EAB0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{CBA17151-6B19-4C02-905B-6A079AF01473}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
    "{CCD91770-1271-40D8-AECE-28869224F7BE}" = protocol=17 | dir=in | app=c:\program files\adblock pro\abpmain.exe |
    "{CFF8450D-9A6F-4030-B222-BC7A41AECF1F}" = protocol=17 | dir=in | app=c:\users\kiss161\appdata\local\akamai\netsession_win.exe |
    "{D4530631-7ACF-4A1C-BE79-8EA6550098D5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{D45F4384-9978-4DA2-8C11-24E8895E11A9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "{E75004B5-A95F-4955-9959-A38A738519CE}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
    "{EF44A308-AD59-4DA3-9C7F-F37AE022B7E1}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{F7886394-1553-491F-B67C-4511509207CB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{FD1D7960-6E20-484A-80C7-0AA8F4FD85F5}" = protocol=17 | dir=in | app=c:\users\kiss161\appdata\roaming\utorrent\utorrent.exe |
    "{FE949C28-823B-4FFE-A4AD-F508444CF2E7}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
    "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
    "{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC4
    "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
    "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
    "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
    "{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
    "{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
    "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
    "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
    "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
    "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2CBB71EE-A4DD-4B4D-A635-608D8D1E6F81}" = Driver Tool
    "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
    "{30E10267-3B27-42CC-B727-681DEBD30C4D}" = Clean Water Action TriMini Reminder by We-Care.com v5.0.2.2
    "{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
    "{3FF2493C-C629-43E0-A60B-79450FC04597}" = Snap.Do
    "{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
    "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
    "{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
    "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
    "{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
    "{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{5E152D08-572A-3375-8FDE-DAD1EFB379BA}" = Microsoft Report Viewer Redistributable 2008
    "{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
    "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
    "{623B8278-8CAD-45C1-B844-58B687C07805}" = Bing Bar Platform
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
    "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
    "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
    "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
    "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{7414C891-720D-4E86-85E5-C3AA898DA9EC}" = HP Deskjet 1050 J410 series Product Improvement Study
    "{759142E8-25B0-42AE-B408-4215065D3F4B}" = Windows Live Family Safety
    "{7603ED58-3AFF-45EA-9404-BA268E6CA558}" = Manheim Market Report 1.6
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
    "{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
    "{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
    "{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
    "{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
    "{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
    "{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
    "{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
    "{97F2E8BE-3018-47D2-BC2D-F0B5E92D1BF3}" = Motorola Mobile Drivers Installation 5.5.0
    "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
    "{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}" = TuneUp Utilities Language Pack (en-US)
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
    "{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.9.1616
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB89101E-DA74-4A74-96CC-3D9198B20DC8}" = 3D Snowy Cottage
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
    "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
    "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
    "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
    "{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
    "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
    "{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
    "{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
    "{C111B73A-93EA-4A12-80E2-0460F11D431F}" = HP Deskjet 1050 J410 series Basic Device Software
    "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
    "{C21C71CB-3E5C-401C-91D2-DEDACDB26BAF}" = ESET Smart Security
    "{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
    "{C515E2A3-4878-4C85-A519-52630C7AB08B}" = VirtualDJ PRO Full
    "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
    "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
    "{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
    "{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
    "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
    "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D7AC932D-297F-46C8-9834-FA23854CC150}_is1" = Video Converter Studio V2.1.3
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
    "{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
    "{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
    "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
    "{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
    "{EFDD7063-89FC-42E5-8C2E-817DDB04DCB0}}_is1" = Download Beast version 2.1.7
    "{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
    "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
    "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
    "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
    "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
    "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
    "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
    "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
    "{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "abgx360" = abgx360 v1.0.6
    "Adblock Pro" = Adblock Pro 3.6
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "Akamai" = Akamai NetSession Interface Service
    "Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.4.1
    "ASIO4ALL" = ASIO4ALL
    "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
    "AVG SafeGuard toolbar" = AVG SafeGuard toolbar
    "B4DFFB06B716298277125094C48185BFE8B5A7E1" = Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
    "CCleaner" = CCleaner
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "Cisco Connect" = Cisco Connect
    "CleanMyPC - Registry Cleaner_is1" = CleanMyPC - Registry Cleaner
    "ClubWPT" = ClubWPT
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
    "CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
    "DAEMON Tools Lite" = DAEMON Tools Lite
    "Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
    "Download_Manager_and_Options" = Download Manager and Options
    "DVD Decrypter" = DVD Decrypter (Remove Only)
    "DVD43_is1" = DVD43 v4.6.0
    "Fast Free Converter" = Fast Free Converter
    "FL Studio 10" = FL Studio 10
    "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
    "Freecorder5.01" = Freecorder 5
    "getsav-in" = getsav-in
    "Google Chrome" = Google Chrome
    "HP Photo Creations" = HP Photo Creations
    "I-Doser" = I-Doser Premium
    "IL Download Manager" = IL Download Manager
    "ImgBurn" = ImgBurn
    "KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Full)
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft Report Viewer Redistributable 2008" = Microsoft Report Viewer Redistributable 2008
    "mIRC" = mIRC
    "MotoHelper" = MotoHelper 2.1.40 Driver 5.5.0
    "Mozilla Firefox 6.0.1 (x86 en-US)" = Mozilla Firefox 6.0.1 (x86 en-US)
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
    "OneTab" = OneTab
    "Opera 12.16.1860" = Opera 12.16
    "Patin-Couffin Drivers_is1" = Patin-Couffin 36
    "PowerISO" = PowerISO
    "QuicktimeAlt_is1" = QuickTime Alternative 1.81
    "Reference Point Software Template for APA format, Word 2010" = Reference Point Software Template for APA format, Word 2010
    "Reference Point Template ver: Word 2010, APA 6th Ed." = Reference Point Template ver: Word 2010, APA 6th Ed.
    "ScanTool.net for Windows" = ScanTool.net for Windows v1.13
    "Settings Alerter" = Settings Alerter
    "Smart Auto Shop_is1" = Smart Auto Shop ver 2011
    "The Weather Channel App" = The Weather Channel App
    "Transformers_is1" = Transformers
    "UBCD4Win_is1" = UBCD4Win 3.60
    "VCDS Release 11.11" = VCDS Release 11.11.5
    "WBFS Manager 3.0" = WBFS Manager 3.0
    "WinLiveSuite" = Windows Live Essentials
    "WinPcapInst" = WinPcap 4.1.1
    "WinRAR archiver" = WinRAR 4.01 (32-bit)

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3401892445-2355830655-492447471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface
    "NoNameScript" = NNScript
    "Playtopus" = Playtopus
    "uTorrent" = µTorrent
    "vDownloader Packages" = vDownloader Packages

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 11/29/2013 2:53:25 AM | Computer Name = kiss161-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\HP\HP Deskjet
    1050 J410 series\DriverStore\Pipeline\amd64\hpinkins8911.exe". Dependent Assembly
    Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 11/29/2013 3:12:06 AM | Computer Name = kiss161-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\HP\HP Deskjet
    1050 J410 series\DriverStore\Pipeline\amd64\hpinkins8911.exe". Dependent Assembly
    Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 11/29/2013 9:26:41 PM | Computer Name = kiss161-PC | Source = Software Protection Platform Service | ID = 8198
    Description = License Activation (slui.exe) failed with the following error code:
    0x80070005

    Error - 11/29/2013 9:26:41 PM | Computer Name = kiss161-PC | Source = Winlogon | ID = 4103
    Description = Windows license activation failed. Error 0x00000000.

    Error - 11/30/2013 1:30:59 AM | Computer Name = kiss161-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\HP\HP Deskjet
    1050 J410 series\DriverStore\Pipeline\amd64\hpinkins8911.exe". Dependent Assembly
    Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    [ System Events ]
    Error - 11/29/2013 9:24:20 PM | Computer Name = kiss161-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
    Error Reporting Service service to connect.

    Error - 11/29/2013 9:24:50 PM | Computer Name = kiss161-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
    Error Reporting Service service to connect.

    Error - 11/29/2013 9:26:27 PM | Computer Name = kiss161-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 8:23:30 PM on ?11/?29/?2013 was unexpected.

    Error - 11/29/2013 9:26:46 PM | Computer Name = kiss161-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    Null

    Error - 11/29/2013 9:28:46 PM | Computer Name = kiss161-PC | Source = Service Control Manager | ID = 7000
    Description = The BonanzaDealsLive Service (bonanzadealslive) service failed to
    start due to the following error: %%2


    < End of report >
     
    Last edited: Dec 1, 2013
  9. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Hi neptune,

    Well you've got a pretty full computer. lol It may take me a few days to go through the logs.

    In the mean time, are you having any problems? Please let me know what dis-pleases you so I will know what to look for in the logs. That way it won't take as much time going back and forth.

    TNX
    2oG
     
  10. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26
    seems ok had to remove iminent toolbar
     
  11. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    OK, I'll look the logs over and see if I find anything that might be detrimental.

    Be back in a few........
     
  12. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26
    http://start.iminent.com/StartWeb/1033/homepage/


    it still keeps coming back on google chrome cant seem to delete it
     
  13. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Yeah, I've already pegged that.. when I get your fix done it will take care of that and some other leftovers..

    You really need to uninstall the AVG Toolbar.. It's not worth a flip. IMHO

    Or, I can take it out in the fix, or I can leave it alone. your call, just let me know.

    2oG
     
  14. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26
    take out in fix thx
     
  15. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    you got it.
     
  16. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Hi neptune,

    You had a lot of leftovers and I hope I found the most of the bad ones.
    I sure wish you were able to run AdwCleaner it can get most all of this crap.

    After you have ran the following custom script please attempt to run AdwCleaner again because it will pickup most anything that I happen to have missed. :)

    Run OTL Script

    I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

    Double-click OTL.exe to start the program.

    Copy and Paste the following code into the [​IMG]text box.

    Code:
    
    :Services
    SRV - [2013/11/21 20:42:21 | 001,643,696 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe -- (vToolbarUpdater17.1.3)
    SRV - [2012/10/24 16:06:35 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
    
    :OTL
    PRC - [2013/11/21 20:42:22 | 002,334,384 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
    PRC - [2013/11/21 20:42:21 | 001,643,696 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe
    PRC - [2013/11/21 20:42:19 | 000,161,968 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\loggingserver.exe
    MOD - [2013/11/21 20:42:23 | 000,145,072 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\SiteSafety.dll
    MOD - [2013/11/21 20:42:22 | 002,334,384 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
    MOD - [2013/11/21 20:42:22 | 000,521,904 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\log4cplusU.dll
    DRV - [2013/11/21 20:42:23 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
    IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
    FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
    FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\extension@Fast_Free_Converter.com: C:\Program Files\Fast Free Converter\FastFreeConverter\extension@Fast_Free_Converter.com
    FF - prefs.js..extensions.enabledAddons: webbooster@iminent.com:6.5.5.1
    FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll ()
    [2013/08/14 13:58:45 | 000,613,889 | ---- | M] () (No name found) -- C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions\webbooster@iminent.com.xpi
    CHR - default_search_provider: search_url = [url]http://start.iminent.com/?appId=100048A...q={searchTerms}[/url]
    CHR - default_search_provider: StartWeb (Enabled)
    CHR - default_search_provider: search_url = [url]http://start.iminent.com/?appId=100048A...q={searchTerms}[/url]
    CHR - default_search_provider: suggest_url = ,
    CHR - homepage: [url]http://start.iminent.com/?appId=100048A...08-4147D7533AC3[/url]
    CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    O3 - HKU\S-1-5-21-3401892445-2355830655-492447471-1000\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll File not found
    O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
    O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
    [2011/06/06 00:02:43 | 000,108,424 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\APNStub.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [2012/10/24 16:07:23 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
    
    :Files
    ipconfig /flushdns /c
    C:\Program Files\AVG SafeGuard toolbar
    C:\Program Files\Common Files\AVG Secure Search
    C:\Windows\System32\srvany.exe
    C:\Windows\System32\drivers\avgtpx86.sys
    C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    
    :Commands
    [PURITY]
    [emptytemp]
    
    
    Then click the Run Fix button at the top.
    Click OK.

    OTL may ask to reboot the machine. Please do so if asked.

    The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

    Note** if the report does not popup after the computer reboots you can find it here in this folder – C:\_OTL\MovedFiles
    It will be named – mmddyyyy_hhmmss.log
    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.


    Try this again:


    --AdwCleaner--

    Please download AdwCleaner by Xplode to your Desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete tab follow the prompts.
    • A log file will automatically open after the scan has finished.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).



    Let me know How things are doing

    Cheers,
    2oG
     
  17. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26

    All processes killed
    Error: Unable to interpret <SRV - [2013/11/21 20:42:21 | 001,643,696 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe -- (vToolbarUpdater17.1.3)> in the current context!
    Error: Unable to interpret <SRV - [2012/10/24 16:06:35 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)> in the current context!
    ========== OTL ==========
    No active process named vprot.exe was found!
    No active process named ToolbarUpdater.exe was found!
    No active process named loggingserver.exe was found!
    Error: No service named avgtp was found to stop!
    Service\Driver key avgtp not found.
    File C:\Windows\System32\drivers\avgtpx86.sys not found.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename
    Prefs.js: "AVG Secure Search" removed from browser.search.selectedEngine
    Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\extension@Fast_Free_Converter.com deleted successfully.
    File C:\Program Files\Fast Free Converter\FastFreeConverter\extension@Fast_Free_Converter.com not found.
    Prefs.js: webbooster@iminent.com:6.5.5.1 removed from extensions.enabledAddons
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin\ not found.
    File C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll not found.
    File C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\extensions\webbooster@iminent.com.xpi not found.
    Use Chrome's Settings page to remove the default_search_provider items.
    Use Chrome's Settings page to remove the default_search_provider items.
    Use Chrome's Settings page to remove the default_search_provider items.
    Use Chrome's Settings page to remove the default_search_provider items.
    Use Chrome's Settings page to change the HomePage.
    File C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll not found.
    File C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll not found.
    Registry value HKEY_USERS\S-1-5-21-3401892445-2355830655-492447471-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt not found.
    File C:\Program Files\AVG SafeGuard toolbar\vprot.exe not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
    C:\Program Files\Common Files\APNStub.exe moved successfully.
    C:\Windows\msdownld.tmp folder deleted successfully.
    C:\Windows\System32\srvany.exe moved successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\kiss161\Desktop\pc cleanup\cmd.bat deleted successfully.
    C:\Users\kiss161\Desktop\pc cleanup\cmd.txt deleted successfully.
    File\Folder C:\Program Files\AVG SafeGuard toolbar not found.
    File\Folder C:\Program Files\Common Files\AVG Secure Search not found.
    File\Folder C:\Windows\System32\srvany.exe not found.
    File\Folder C:\Windows\System32\drivers\avgtpx86.sys not found.
    File\Folder C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll not found.
    File\Folder C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 56475 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: kiss161
    ->Temp folder emptied: 6879776 bytes
    ->Temporary Internet Files folder emptied: 9932606 bytes
    ->Java cache emptied: 74251298 bytes
    ->FireFox cache emptied: 34800740 bytes
    ->Google Chrome cache emptied: 50076872 bytes
    ->Opera cache emptied: 55875534 bytes
    ->Flash cache emptied: 875 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 56475 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 8705817 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 3277594 bytes

    Total Files Cleaned = 233.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 12032013_000409

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...




    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    got it to download





    # AdwCleaner v3.014 - Report created 02/12/2013 at 23:58:30
    # Updated 01/12/2013 by Xplode
    # Operating System : Windows 7 Ultimate (32 bits)
    # Username : kiss161 - KISS161-PC
    # Running from : C:\Users\kiss161\Downloads\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    [#] Service Deleted : bonanzadealslive
    [#] Service Deleted : bonanzadealslivem

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
    [#] Folder Deleted : C:\ProgramData\Browser Manager
    Folder Deleted : C:\ProgramData\Desktop 16
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
    Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
    [!] Folder Deleted : C:\Program Files\iSafe
    Folder Deleted : C:\Program Files\Desktop 16
    Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
    Folder Deleted : C:\Users\kiss161\AppData\Local\AVG SafeGuard toolbar
    Folder Deleted : C:\Users\kiss161\AppData\Local\PackageAware
    Folder Deleted : C:\Users\kiss161\AppData\LocalLow\AVG SafeGuard toolbar
    Folder Deleted : C:\Users\kiss161\AppData\LocalLow\ConduitEngine
    Folder Deleted : C:\Users\kiss161\AppData\Roaming\iSafe
    Folder Deleted : C:\Users\UpdatusUser\AppData\LocalLow\Fast Free Converter
    Folder Deleted : C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\Extensions\wecarereminder@bryan
    Folder Deleted : C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\Extensions\{1930e38a-deef-4cf4-9bfb-9c4ea3689a9d}
    Folder Deleted : C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
    Folder Deleted : C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    File Deleted : C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
    File Deleted : C:\Program Files\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
    File Deleted : C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\Extensions\webbooster@iminent.com.xpi
    File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
    File Deleted : C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\searchplugins\safeguard-secure-search.xml
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\safeguard-secure-search.xml
    File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\StartWeb.xml
    File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\StartWeb.xml
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\WebSearch.xml
    File Deleted : C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
    File Deleted : C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A718876-9D82-4F29-AB6D-CA6C7C9C6521}
    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A718876-9D82-4F29-AB6D-CA6C7C9C6521}
    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{982A2B74-279A-4700-B37E-F9E41D48E258}
    [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{982A2B74-279A-4700-B37E-F9E41D48E258}
    Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
    Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
    Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
    Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
    Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Iminent
    Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IminentMessenger
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{902A5271-D652-41D7-9F19-165FDF34F38D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0233D75B-A9C6-4066-9F34-D106225379D8}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
    Key Deleted : HKCU\Software\Ask&Record
    Key Deleted : HKCU\Software\AVG SafeGuard toolbar
    Key Deleted : HKCU\Software\Microsoft\Babylon
    Key Deleted : HKLM\Software\AVG SafeGuard toolbar
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\Fast Free Converter
    Key Deleted : HKLM\Software\InfoAtoms
    Key Deleted : HKLM\Software\uTorrentBar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED
    Key Deleted : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
    Key Deleted : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
    Key Deleted : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
    Key Deleted : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A

    ***** [ Browsers ] *****

    -\\ Internet Explorer v8.0.7600.16912


    -\\ Mozilla Firefox v6.0.1 (en-US)

    [ File : C:\Users\kiss161\AppData\Roaming\Mozilla\Firefox\Profiles\nyqft85r.default\prefs.js ]

    Line Deleted : user_pref("extensions.enabledAddons", "textlinks@epicplay.com:1.0.0,wecarereminder@bryan:5.0.7.0,{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,helperbar@helperbar.com:1.0,links@playtopus.com:1.0.0,{1930e[...]
    Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);

    -\\ Google Chrome v31.0.1650.57

    [ File : C:\Users\kiss161\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [21155 octets] - [02/12/2013 23:57:29]
    AdwCleaner[S0].txt - [21652 octets] - [02/12/2013 23:58:30]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21713 octets] ##########
     
    Last edited: Dec 3, 2013
  18. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Looking good neptune,

    How's it doing now? so glad you got AdwCleaner to run, it dug out a lot of hidden crap.

    4 of the best cleaners are:

    Malwarebytes Antimalware Pro
    RogueKiller
    JRT
    AdwCleaner
    Your Eset is a good AV, I use Avast Free cuz I'm cheap.. lol.

    Run all of those frequently to keep you clean.
    I always recommend Malwarebytes Pro with realtime scanning when using things like utorrent.It will block the bad trackers and you won't get the Trojans, Viruses, etc. when downloading a Torrent file.

    Let me know how things are?
    2oG
     
  19. neptune

    neptune Regular member

    Joined:
    Apr 17, 2006
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    26
    thx 2oldGeek i use pretty good trackers and wouldnt suspect any bad viruses from them


    as for my browser there running alot faster and page loads much quicker .

    for a while i used combo fix to clean pc
     
    Last edited: Dec 3, 2013
  20. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    You really can't pick Good Trackers - All will blindside you.. :)

    Combofix is good to reset things after removing malware and used as a tool to clean up leftovers, it doesn't really remove any malware on it's own..

    Happy to hear that you're doing OK. Any time you need a little help, just give me a ring. [​IMG]

    2oG
     

Share This Page