Internet explorer very slow when typing.

yToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1060933/CT1060933", "\"d84035e9731211223d8a953c488bd4c31\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1075414/CT1075414", "\"d7f68705499b8c70e40a957d94b5afbb3\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=15651&fid=15317", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/SG", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/798/798/SG", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/SG", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", "\"1324192924\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1075414", "\"1368701818\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "uG7mdamLoNmpmgC2c0JctQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us&ctid=CT1075414", "uG7mdamLoNmpmgC2c0JctQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "mfQ70fvlD2zuBxSBj8rQqA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us&ctid=CT1075414", "jf4tQQjNr2TQ31uHimzTMg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "k9un27OkAvkwB2ZmvXxTnA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us&ctid=CT1075414", "0BEXfBAJ1PdxmWK9VOejOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "FqddrIU7eyJgaaLyHDeVMQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us&ctid=CT1075414", "ZU6zjERHpZr7lBpInn+HyA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"0ea11bd291bce1:1694\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"801a319dd78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=2.5.6.0", "\"80ee9485875dcc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:1501\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0343677cfb1cd1:155b\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:1694\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0ee90707f77cc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933", "\"d76323372b05c3748a3d6b1c93a98292\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1075414", "\"f7aa16e1e9f6cc7b2a903a6f1c877dc1\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634485749189530000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1060933&octid=CT1060933", "\"1320839842\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1075414&octid=CT1075414", "\"4ee9eda364d9af6074f2ae22f247e39e1\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1060933/CT1060933", "\"1311168835\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equalizer_dead.gif", "\"0678fe477ac91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimize.gif", "\"046c7ab477ac91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gif", "\"0484de117c4c91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gif", "\"0e7a152347ac91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif", "\"087c778347ac91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"073e33a707e0305bf15c11c5bbb33921\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"b7d8145687c7b48892b24a2b8a31f702\"");
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{1392b8d2-5c05-419f-a8f6-b9f15a596612}");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "freecorder");
Line Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Tan LT\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\wlfk1t8l.default\\conduitCommon\\modules\\3.18.0.7");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://scripts.demandmedia.com/conduit/ehow/gadget.html", "455x576");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1060933");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{1392b8d2-5c05-419f-a8f6-b9f15a596612}");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "freecorder");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1060933,CT1075414");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933,CT1075414");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Aug 14 2011 15:42:20 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Feb 19 2012 18:14:41 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Feb 19 2012 17:50:57 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "{52537782-6093-43fc-8f57-d44670234ba3}");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Oct 18 2011 21:58:13 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "302d9016-0e43-4343-a86a-baaa9f65ff86");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1075414");
Line Deleted : user_pref("CommunityToolbar.killedEngine", true);
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Jul 15 2013 23:08:06 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Jul 16 2013 00:08:06 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Jul 15 2013 23:07:58 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "87563de2-360f-4036-b1cf-497851e12033");
Line Deleted : user_pref("CommunityToolbar.undefined", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT1075414");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "Absolutist Games Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1075414&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=100762");
Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 4);
Line Deleted : user_pref("extensions.BabylonToolbar.cntry", "SG");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Line Deleted : user_pref("extensions.BabylonToolbar.firstRun", false);
Line Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "DB688F9C8A8381D50C9BA5F3C84D6B03");
Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "5c8c940d000000000000001e101f8ed0");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15389");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.lastActv", "12");
Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 4);
Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1718:19:24");
Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "21.0");
Line Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
Line Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 114173804);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1718:19:24");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100762");
Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "5c8c940d000000000000001e101f8ed0");
Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "5c8c940d000000000000001e101f8ed0");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15389");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:19:24");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Line Deleted : user_pref("extensions.crossrider.bic", "13595210c4d8505f757df0e36bcad0bc");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.InstallationThankYouPage", true);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.InstallationTime", 1329646772);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.InstallationUserSettings.searchUserConifrmation", false);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.InstallationUserSettings.setHomepage", false);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.InstallationUserSettings.setNewTab", false);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.InstallationUserSettings.setSearch", false);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.active", true);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.addressbar", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.affid", "0");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.backgroundjs", "\n\n/************************************************************************************\n This is your background code.\n For more info[...]
Line Deleted : user_pref("extensions.crossriderapp1950.1950.backgroundver", 4);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.certdomaininstaller", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.changeprevious", false);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie.InstallationTime.value", "1329646772");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie.InstallerParams.value", "%7B%22sub_id%22%3A%22default%22%2C%22source_id%22%3A%224cross5a93dbRW1AR24CA02DE5%22%2C%22uzid%22%3A%2212048%26subid%3D%26p[...]
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_geo.expiration", "Sun Feb 26 2012 18:36:12 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_geo.value", "%7B%22geoplugin_city%22%3A%22Singapore%22%2C%22geoplugin_region%22%3A%22Singapore%20%28general%29%22%2C%22geoplugin_areaCode%22%3A[...]
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_hotfix20111102645.value", "%221%22");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_parent_zoneid.value", "%2212048%22");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_zoneid.value", "%2220078%22");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.description", "RewardsArcade allows you to play multiplayer games with your friends! ");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.domain", "www.rewardsarcade.com");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.emailsig", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.enablesearch", false);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.exposesites", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.fbremoteurl", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.group", 0);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.homepage", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.iframe", false);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.js", "\n\nvar _GPL_PID = 18;\n\n(function($) { \n\n $.geoplugin = function(options) {\n var baseCurrency = \"USD\";\n var address = null;\n var[...]
Line Deleted : user_pref("extensions.crossriderapp1950.1950.manifesturl", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.name", "RewardsArcade Suite");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.newtab", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.opensearch", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.premium", true);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.publisher", "215 Apps");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.searchstatus", 0);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.setnewtab", false);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.settingsurl", "");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.thankyou", "hxxp://www.rewardsarcade.com/r.php?app_id=1950");
Line Deleted : user_pref("extensions.crossriderapp1950.1950.updateinterval", 360);
Line Deleted : user_pref("extensions.crossriderapp1950.1950.ver", 18);
Line Deleted : user_pref("extensions.crossriderapp1950.apps", "1950");
Line Deleted : user_pref("extensions.crossriderapp1950.bic", "13595210c4d8505f757df0e36bcad0bc");
Line Deleted : user_pref("extensions.crossriderapp1950.cid", 1950);
Line Deleted : user_pref("extensions.crossriderapp1950.firstrun", false);
Line Deleted : user_pref("extensions.crossriderapp1950.hadappinstalled", true);
Line Deleted : user_pref("extensions.crossriderapp1950.installationdate", 1329646865);
Line Deleted : user_pref("extensions.crossriderapp1950.jsver", 3);
Line Deleted : user_pref("extensions.crossriderapp1950.lastcheck", 22160781);
Line Deleted : user_pref("extensions.crossriderapp1950.lastcheckitem", 22160796);
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "5c8c940d000000000000001e101faa49");
Line Deleted : user_pref("extensions.delta.instlDay", "15918");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.22.0");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.22.07:08:50");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.22.0");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119523&tsp=4961");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true);
Line Deleted : user_pref("extensions.freecorder@freecorder.com.menuitems", "[{\"name\":\"Freecorder Menu Header\",\"img\":\"hxxp://freecorder.com/fc8/ui/buttons/menu_header.png\",\"width\":225,\"height\":65},{\"name[...]
Line Deleted : user_pref("extensions.mysearchdial.aflt", "adkmsd");
Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Line Deleted : user_pref("extensions.mysearchdial.dfltLng", "");
Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", false);
Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true);
Line Deleted : user_pref("extensions.mysearchdial.dpk_blck", "true");
Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false);
Line Deleted : user_pref("extensions.mysearchdial.hmpg", false);
Line Deleted : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=adkmsd&cd=2XzuyEtN2Y1L1QzutDtD0AtD0DtCzy0EtA0F0EyEzyyEtD0DtN0D0Tzu0CyDzztDtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1T1Q1J1H1[...]
Line Deleted : user_pref("extensions.mysearchdial.id", "00A0D19E3FE4940D");
Line Deleted : user_pref("extensions.mysearchdial.instlDay", "15920");
Line Deleted : user_pref("extensions.mysearchdial.instlRef", "");
Line Deleted : user_pref("extensions.mysearchdial.lastB", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=5C8C001E101FAA49&affID=119523&tsp=4961");
Line Deleted : user_pref("extensions.mysearchdial.lastVrsnTs", "");
Line Deleted : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=adkmsd&cd=2XzuyEtN2Y1L1QzutDtD0AtD0DtCzy0EtA0F0EyEzyyEtD0DtN0D0Tzu0CyDzztDtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1T1Q1J1[...]
Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");
Line Deleted : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=adkmsd&cd=2XzuyEtN2Y1L1QzutDtD0AtD0DtCzy0EtA0F0EyEzyyEtD0DtN0D0Tzu0CyDzztDtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1T1Q1[...]
Line Deleted : user_pref("extensions.mysearchdial.vrsn", "");
Line Deleted : user_pref("extensions.mysearchdial.vrsni", "");
Line Deleted : user_pref("extensions.mysearchdial_i.hmpg", false);
Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false);
Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "0:37:26");
Line Deleted : user_pref("extensions.snipit.askTbInstalled", true);
Line Deleted : user_pref("extensions.snipit.history_query", "hair%20on%20fire=ASKURL=hxxp://www.ask.com/web?q=hair%20on%20fire&qsrc=2871&o=13929&l=dis||hair%20on%20fire=ASKURL=//www.ask.com/web?q=hair%20on%20fire&qs[...]
Line Deleted : user_pref("smartBar.searchInNewTabOwner", "CT1060933");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT1060933");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1075414&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1075414&UM=UM_ID&q=");
Line Deleted : user_pref("smartbar.machineId", "L9UP4GMMKLWWU2AUKDG2RSH32T55MRY4C3CBTWNKHHZOSFTWL+9VK4YPTJZ/SZTW8/T4L50APOY9VXIP0RYUPW");
Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1075414&q=");

-\\ Google Chrome v

[ File : C:\Users\Tan LT\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : dhkplhfnhceodhffomolpfigojocbpcb
Deleted [Extension] : fjbgonfbgjdmlkjofohofdjnakkfppge

*************************

AdwCleaner[R0].txt - [103526 octets] - [16/06/2014 03:23:59]
AdwCleaner[S0].txt - [105258 octets] - [16/06/2014 03:26:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [105320 octets] ##########

 

phew....finally posted all.....sooooo long that I need to breakdown so many post. Sorry.

 

Junkware by Freecorder">Removal Tool--

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Tan LT on Mon 16/06/2014 at 3:54:45.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7809FF88-3EC3-4294-A0D3-BA200D6B71D6}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\drivergenius"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Tan LT\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Program Files\discount buddy"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{00875303-7BBB-4D51-9EA0-15CB7791D837}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{014CDA1E-57C9-44F8-A621-DBE78C78D70B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{014CF81E-6BA8-4633-8AB2-12E7CA70A38E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{0206AF82-47F0-4588-B6CC-C347FC6F340A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{02E701DD-6846-42FC-9909-913C4242B2E4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{05A39B57-A9EE-4007-B6A3-ED806EB7CBD2}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{06AF330B-D24F-4CD4-AD96-650F2D3A37BB}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{06D7EE0E-E51E-4D7E-97FE-7A5FE610A024}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{06EF90CE-7861-4901-B4F8-2A104796F06D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{07176B6E-76E6-48EA-B012-0C5F4199203A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{0873BA82-2ECD-4674-9ABE-9E71A1947F84}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{092BA11D-2076-4FB3-99D0-264D6E0F1645}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{0942050E-C5E5-425D-8A25-36D5CE2BD1A5}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{098DF9D2-DFE7-4D00-B073-87910ACB6F05}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{0B7154F6-2B28-416F-9153-4B0D82D71BD7}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{0C60C7A4-ECB0-4AFD-AB12-C99AF3022479}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{0CCD9FD2-7D47-4453-8919-02EF1163278E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{0DD43DCC-D60E-4B5E-9FEB-F8605A7C5613}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{0DEBAB44-AD7D-4024-985E-7CFA128D609F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1033A2E2-6628-434E-B50D-FDD10B46D155}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{11484790-EEE3-4A08-AE4D-4094009FE5E3}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1340DABC-C3E2-48EF-9160-6FA613D61FAD}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1341D11F-D72A-420D-B8B7-493757FBFC62}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{13706899-7D9D-49E2-A61D-F458374F34B6}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{15A2867E-5944-4B31-8AC4-61EFC5D9980B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{15B0D804-6C45-4AD2-A3FF-709D982F026B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{15D0C253-61AA-4E7C-94EC-A5AC2DFF2912}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1676EBC8-1C16-4480-BD53-E15BD49754F8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{17BC6D36-5510-4032-A8AB-3F1DCA33D46E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{199B8CDC-5B53-44F4-85BB-6D134580E3E9}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1B2DF654-5A25-47DD-8689-F292F64E4AA9}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1BC9FE66-DB8D-41B6-A6A0-AD9759C1592E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1BD4F331-4B0F-450B-84C0-5E06B3B15C1E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1C1F753F-5C46-4A8F-9D5E-85F0BDA32CE5}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1C3B4EFE-D52F-4270-86EB-4273DDFD3F10}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1C46BFB5-80AE-498A-90AD-95EEA45C7F85}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1C66778A-CE1A-4644-88B2-5F4BB45AE6F9}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1CDAB95B-04C7-4394-B288-938EA3438F45}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{1D0722FA-AC4D-4225-82EC-D25F26EBE5C6}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{20241A5D-D46B-4F36-84B8-DD652BB1384D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{229D0AF3-B23B-455A-A7E8-D67D2F54D2A3}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{22BBD360-9CC6-43AF-837A-44425417E354}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{22FF7D5D-A99E-461B-B8FF-0B2127DAFA1F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{249756EE-604F-4D54-87FA-6B749142B6E8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{25D75D1E-65B3-4FD0-9B6D-56B921C5937B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{26830D9E-CBB8-44A1-A052-D8F4CAB24093}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{270F9FD5-7342-4F90-BDAD-89828C8B8284}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{276010FA-24D2-4014-BD43-1A646C4FFF52}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{27F3F6E3-4476-47F3-924D-9FA1DE442FFB}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2816D243-5BAE-4800-A8DB-839601B90533}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{28A68C2B-2922-4329-8C9B-EC112FFBC91A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{29A8AC11-AA90-4264-88FC-2162E3875462}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2B514567-E3C2-44A0-9123-1BE096990AE7}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2B62EE65-B7B3-4D5B-A8E6-253A44C21CD6}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2BAA7C12-21E8-4631-9EE5-74FDAEED06F5}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2D8CE058-E49C-46D9-BC98-D8ECA76C2D87}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2E3E9271-0A19-4AF6-A0BA-F19487B0CF5F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2EAE6530-3888-4729-943E-CBF18E16C659}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2EE08D50-270B-451A-8CDD-12A4A49DD22C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2FDE2B3F-FD56-4D7F-8665-5D583E8ED42B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{2FF5B2CE-E262-4178-BBC8-82297098C33B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{319A16FA-2284-4DB3-A931-1F99B40C55BE}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{31F40488-F363-49DF-9023-FD579088B506}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3213FE68-6D22-44C4-8914-54C55D238EFF}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3281B9C0-617F-4569-9AB3-39C7218FECA1}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{32C31E80-BC74-44EC-8D4E-770AB958D80A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{32D956CA-D6E7-4602-B6EE-5BBB5DD17808}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{34ECEF02-E25A-4A86-AE44-B56E2B88E2AA}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{353FDEA6-9F48-497A-8605-1633CE98EBF2}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3615D385-3069-43E8-8049-B71642A9FA07}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{36D0CCC5-C633-4E21-BACC-A3E00BAC108F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{37729C05-4931-4802-8579-36FA825AB452}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{37A9A5E6-FA32-4415-AEE0-4503504079E5}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3800B0C5-0764-4B40-9290-79EAAE0592C0}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{38CCEEF2-831C-4E35-A49F-AE869097543B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{390FA9D7-FBD8-4919-85BA-F434059E057C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{397D0A5A-F96D-4823-8309-E3F6411428DA}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3A06C832-1228-4C14-9514-443785D58BEC}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3AF72640-472D-48EC-ADDC-2E596BB38989}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3B253355-31CB-4902-B1B2-940C95BD7A8C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3B42535B-892E-4825-9CE2-1AE4CBC44FEC}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3C740309-BE3E-402D-8791-7B9C71A37FFB}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3CC3B228-D1B0-4068-86C3-7F619AA7D484}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3D9CD2BF-50B0-454E-9A95-8D9DEEEC31E7}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3EB520DB-F075-4D96-A347-B51B00039434}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{3EDBFE55-5872-435C-970B-4696CEAFDA35}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{403F9FCA-754B-4EB7-8BC6-0B38792FA301}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{40E899DB-9029-47E3-B84A-49CFACF8E723}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{40F16F05-8DAA-4DD1-92C9-2F99B19051D0}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{40F65DD6-5B48-4345-A4F4-A88926C7ED29}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{417083ED-AAF2-4AE5-8DE1-A193D0A73B19}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{426506F4-C6B2-4AE2-ACFF-4A3BB831E63D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4411EA65-8312-45D1-B981-8444CF1DE1B3}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{44892D48-DB85-4A13-BAE3-4142DF0C1D1D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{45F9CCC8-4336-48C8-B2F7-93722FD74FE9}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{46974CED-A465-4A13-8162-828DA308ADC9}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{46BA586D-7ECA-498C-ACDA-383BC4AD7279}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{475A712A-B81F-4DF3-AE38-EB280AADFB7B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{476DF1F9-00A6-4D00-BE59-9C6795782D2B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{49D16547-A787-453B-9A22-2739EF5A014F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4A79D25E-EC04-4117-96F7-B17E9659CAF9}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4AED5354-D3CF-4AA6-9D23-5393A5671502}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4B68A2B0-4C0E-4659-A751-7D4D04399678}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4B93B87C-7D84-44E0-9C40-D4B28D2487B0}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4C74D06E-DCE2-424E-8857-EA7A8BD4705C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4CF40484-07DF-458E-8394-BEEC387BE384}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4D82B624-175F-45CA-AB40-A64A8258E110}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4DB5E7B3-4D49-46EB-AB61-24773FA643D4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4EEED79D-FE79-4295-BFE2-CF3CD15F0592}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{4F97B0B6-0B35-4B0C-989D-631D52FA5CF1}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{50A3F355-70D6-445F-93D8-79AC56B0B03D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{50E7A6FA-1930-45EC-A6F8-36D6B1B72EF8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{5129D504-EFA7-4F12-A5A3-FED8AD8B6000}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{51903507-719A-40CD-B755-230224E3D064}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{52CE6E61-0CDA-476E-99B2-FEBA957AC49E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{53B8D9FC-8035-4FDF-8155-AD80E6C5F5DA}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{5428B714-7C4F-4BBA-A1E5-2B3C298A9DDB}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{54E0E253-5B73-40B5-9E12-FC8AB056A234}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{5579E296-58BF-4AD6-8906-7E4FF7877E64}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{55C9D3BF-3B59-4F5B-BF45-8949DF461737}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{5658A656-6F77-4502-BAD9-D6C1BAC2C57B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{576A14B2-1F5A-41D0-BEAB-A173FB64C2B8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{57751937-F8A4-4991-BEED-EF58E7040118}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{582A4EB7-FECA-441A-9915-3648FF37975A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{588D446E-2314-4D39-9AAF-6B25850EDFE5}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{589E8BBD-6612-446E-96F5-A313208BBB87}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{591D4935-2891-4C3B-B91B-961C5E7B396E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{59486D80-9F11-4D7F-B1D4-78BE35067560}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{594F874F-5093-4FE0-A689-CB7B4A8587C1}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{59D8B69B-76D2-4F7A-B0F6-C5A3CEB4F70B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{5ADC5E38-A64A-4ACD-88D4-60F512ABE1CC}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{5B49E2F7-D125-4A8A-9504-D489A9DAF8F4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{5C268251-48DB-48BB-80EC-F21B875ADA0A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{5C91800C-ABDB-4051-A304-ADA944FC96AA}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{5F3737F8-0E47-4357-890E-0C932971A0A9}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{61013C8C-0C11-4C57-941D-CD31396E7F9D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{614FCE12-B72B-43E1-9095-E2FC370E1323}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{6386B7BA-9399-47A2-960E-1801755CF814}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{6491C504-5894-40EA-923A-90C3BFB989D8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{657E97BA-568E-428B-82CE-F8FC3D3FDEA7}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{6602F0F7-4481-4B79-BB3F-41ED81E52E9B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{66EAED72-C2DF-477B-A459-31CEA21B8F53}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{693FFAB6-326F-493B-A486-85808EC1B83E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{697FC6E6-0807-4BD5-B05A-095807D3E8B7}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{6D1AD99E-1000-4B8D-A47F-C54022275B39}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{6E764438-0074-4FC8-AA92-09A472DE2913}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{6EFCAE63-2C17-4F17-B5DB-6AAFC60F0014}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{6F3F166D-DD71-4C01-AC24-0C07E938E587}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{72CE9C0F-3AA9-44CD-8BAB-698DBA65E6A0}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7312788B-8B32-4AFC-9870-87DE74D8AA69}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{738AB431-3927-4935-BE65-F129C34C640D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7601E7E1-52FA-4E05-BBEF-EB84EC768F45}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{76EC97AE-B4F7-4B82-A6D5-07F6CB34D678}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7872EE31-80E6-4055-9691-331E4630789E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{79D622B9-BD7E-4860-BA60-E915DE28E53A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7AC2DF84-3774-461C-A0E5-B74F16604E9C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7B95F36A-2201-4F51-AFF8-461E8A3E54F2}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7BB12819-16C8-44A3-A509-5407D0F0D683}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7C012155-B9D2-4A86-AFD1-6E53F852BE63}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7C599D8F-5D34-41A0-AB1C-73D055732135}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7D9687C0-FE01-4194-B78D-53D794A81581}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7DA3E974-96EE-4797-A896-9992EE597A13}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7E66E5C7-D64E-4006-BFAA-0078341B0648}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{7E78A193-7F7D-4811-BE71-7BB23AA2A9F7}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{80014FEE-9DF9-46DE-B949-0998A3DF41D2}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{80254EA1-D9E1-494A-A928-8FEACCB80E49}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{806C749D-35FA-4919-A1B6-3251A2A5176C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{807F928D-E887-4540-8A1C-2E66E73C150B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{813B615D-8763-4AC3-95B6-010422069441}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{81852277-50AE-4E3B-B8E4-FB003A662003}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{81B87E7A-A910-4446-9A13-BE1C2E6E29CD}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{82036905-AE7D-442E-B76D-AEB01C5A1D8A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{830D14D7-F38B-43EC-8E5D-E1163FFB309E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{839C8BF4-4B31-44E2-A20B-7B9227EA484C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{84309249-6D8E-4658-B10E-1228B1E0EA46}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{84C870A8-51A6-4C4E-A28B-C63A1A45BDD6}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{86987753-A25F-46F8-BCFC-A787121078FE}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{8A3ACD4E-136C-4453-9837-27EBC03489C7}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{8BEDFD6C-64AE-4DEE-9650-523FDFEB5C33}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{8C42943E-2F36-47BF-9E56-378C4F6B8E9E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{8D8FC865-8343-4B0D-B322-435F21377B14}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{8EAC2744-AFA1-4D4B-A243-7AFFC339C9ED}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{8EEB6EA6-AAF1-4A7B-A4A0-AE8A3FC2A397}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9072C8E4-91F2-4170-BB12-6BFD65781B4B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{924BA825-3FD8-47A3-82FD-B8675DB91CBB}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{927E1E91-3C7F-4017-B06E-407B8FC2D180}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{929EA2D5-86E9-40E4-BD0E-334046795516}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{92B00E3F-2BDC-4D8C-A246-9A9A8E657962}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9312E9C1-FF3A-47F8-B760-56835810DCA8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{944C61A7-9A4F-4C11-B121-C04DA09D375C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{94CBAA6D-1E71-468F-8D39-4D7FD6A05B4E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9530A45B-8483-4E38-8D83-5FFF379EF9AA}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{960F33D8-FA18-4FFB-811B-A27BEA51C4A2}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{983E3BD6-F93C-4E87-963D-C30D38FA6A7E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{98881406-9E76-4C69-B032-09A0448BBDD4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{98CE53BE-D711-483F-A851-97BABF4F3438}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{99921A5F-9A34-41E0-AA43-A9D10BDD4B54}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9B74AC57-5476-40BA-8223-F40EDB4A7CFE}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9C2D9F60-0BBA-420A-AAAC-67BCC1E266A1}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9CE7CC1F-CBF3-407B-B74C-317CCD7A3E34}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9D5B1F86-EBB2-4B6A-926E-E9F35F92C443}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9E3545B5-96A9-4110-BCB0-D68F3F0CFC04}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9E38C4A7-C65E-4B5A-92BC-AEFCCE211F83}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{9E9A79C5-3D63-4257-8A86-92531BCEDE4C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A010C274-C7E8-4E71-9BD4-3C9CF5EFC96B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A1580E20-40AD-46E1-B152-E805B325C9C2}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A163240F-8490-4A39-B822-7A89C0CC06AF}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A1910026-EC48-4CD8-916C-0BEF288C5E02}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A262A8A6-DDBF-451B-AD53-86A13921FFD4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A34CB46A-AC87-4CB1-9494-C93DFBD9CAF3}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A3C9D3CC-23D9-4801-88C0-DF1196CDE507}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A4CC09A1-AA60-4577-BF64-FD4B5D167D08}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A5275526-66EC-4547-ABE1-7E085CFB381B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A582A10B-165E-4CA1-B0D4-9886401CD848}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A5895183-7445-4D4B-802F-1BA966F771E8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A64A50B5-8AF0-4ED5-98B7-4D3A9F9C523F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A688CE03-DBDA-40A3-82E7-79EB0F6F9A1C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A7C00CD2-D967-40BC-9447-4D5A5D407ED9}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A8AA2457-8E20-49EB-B481-0F36CC0A786B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A8CD2740-46FF-4E6D-83EC-10EACE47A5B4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{A95A736B-37A0-487D-9F5E-2734CDA56A22}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{AB9B902E-5B0A-44E8-842D-B1188F61233F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{ABAE653D-9F0D-486B-98CF-6416151CE21D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{ACA48ACE-52E3-48AF-B61B-5B0C673C446F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B1120FF7-216E-42FB-A93A-E126E39C8A73}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B16F5623-583A-49C0-9C97-B636130C8530}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B1D6D692-B01E-4A88-A380-90947C4D5A5A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B37E64CF-E1D4-45C1-B9CE-0B3B677E2B02}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B3A97B35-391F-498B-A0B9-87ADC4EF82DE}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B48D62B6-D97B-4160-88AE-57762D95CA1B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B52D8BEA-11F5-4FBC-BC2E-E778B35F2B3E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B68A4C32-D554-4BEB-B926-85C129032E16}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B70CFE9E-5745-4B12-89DE-D80DEF24DC9A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B7636AEF-E936-4AF1-B4A8-93C73EFE15D4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B795075F-AAC7-4AC6-B429-105E169B502C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B7959A31-E8A6-46EA-AD7C-0BE0558AA22F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B80B77B3-1476-4CCE-87C9-C79CF67AAF4E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B82AD7DC-C74F-48BE-ADA2-D31D30D3BC9C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B885DF80-C1F4-4199-8D20-337B786E8ABB}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B8A320AD-9D45-45C3-A53E-852A2D68C137}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B8A5E98E-20B1-485D-B9C0-E3D9765AB70D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B901D2FF-EDB8-4C63-9678-F575EBA5DC7B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{B9B0A3F4-6D1D-4268-B5B0-6FFCDF892123}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{BAEF5CF9-8138-4540-AD42-40CA00213CCA}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{BB49A696-6C9E-4525-997A-6A7B40C33B58}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{BEE45015-405D-44B0-A869-ABAC6FE198BC}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{BEF0E63D-97BD-4390-BFA3-7873A8C3FE66}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C013798A-5ADD-44FB-8B93-6406A8014EF6}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C090A72D-9432-4158-B02C-AED315902E5A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C2272574-E55F-4200-8B76-74107EB1DCEC}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C2455462-666A-4454-8C81-00E5059D664C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C3628AC8-832B-4F54-8A3F-62BB89406951}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C546AC07-812D-4C80-B95D-46409D16C8D1}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C5BD87D1-FD5E-40B2-9E39-9FBD33504D78}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C5CEA61E-AC68-4682-9111-022D6EF63AA4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C5EF1979-40B0-416D-B0CE-57069425C154}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C637E4D6-A485-452A-BDB4-357BCBE0BE68}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C6C41EE0-49F0-4E75-8A3E-7C6602AC84EC}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C7D510A8-7E54-4BC7-93DD-9D26589FBC4A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{C9369E96-BC46-4E7B-975A-2470F43C26AC}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{CA2FFEB3-550A-4EB3-BE82-6EEF99F8B5AD}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{CB123454-3248-401E-AA50-C11AC9B015CE}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{CB363B69-9E81-40C4-A3A6-431C79AB274E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{CB47DCCB-8297-4374-9781-AB78C52A0C76}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{CBACAFDC-6808-4259-A720-63D1B1AAD309}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{CCDAB7CF-D00D-4153-B086-A11E1BC9FCC0}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{CDAF255B-E960-478B-A7D2-5C3F155D5EB2}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{CDC9789E-6D0B-406E-919F-E5D2E976F701}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{CE355EB6-DE89-4E28-A283-07F36DE7B685}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D05EAFCC-BF26-4147-BA7C-C5B42CE056F5}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D08BF30C-3116-4C02-8442-DBB5443EFEC0}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D15806B1-D113-46B6-81FD-66918DEEECEA}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D1668D36-47DF-4C2F-A3FA-0BA022F6C740}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D282A085-760E-4431-9572-C52B4E8C58D2}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D2D171EA-38C8-45FE-A6A6-BC3A4678B3E5}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D2DC4BAA-E93D-4828-B633-67E99A9FA387}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D34A347E-32C2-46C9-8191-15BF3658EE08}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D3980378-E471-4E1C-A094-1EFFDA4B4C4D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D39A582F-26DA-4469-94D6-544722B955D8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D53CEEA2-DA67-43C5-9C40-301C7BA0F2F6}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D583074C-B476-4A9D-83DB-D67B3768378C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D5CE2107-8ACA-472E-8530-CF33DC578166}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D601DA7A-CBAD-4A4F-BD9A-EE85FDC66AF6}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D6160F26-DE39-4754-8B2F-A567B17C579C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D717FB39-2373-46C0-912E-138415E824F0}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D740756D-0DA5-4274-B20C-1E44E47E8F10}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D8FC7363-A636-4A36-B252-414F4DA8B4AD}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{D98F9D55-5A45-4415-8545-E00E1038308E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DADBC0B1-9462-47F3-A0D6-B1FF08FA719F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DBCB22EA-96F7-4CBB-9EBE-A7C1180861EF}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DBDC0D8F-9848-41FD-B09D-9EF8763FF087}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DBFFD4CB-B7F1-48F4-9D49-25CCB67B326C}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DC1C96B6-89AB-418C-82D2-F0CD108200FF}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DC39B20B-0063-4B29-B431-BB8FBDE98C2F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DC7A1B46-F5E6-4527-8616-26CF9A36FE2F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DC9BC196-4B1E-44D8-932D-AD8B50151E89}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DCD7C8D6-E04D-4ABA-8776-A4BAF80B0A0A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DE71B12D-9433-4F99-B3FF-5216B29A5774}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{DE879159-7974-4293-9AAB-407020C06629}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E0D7FDF2-034B-4BBF-978D-974E93C0620B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E0DB59D8-C049-4F04-8AEF-056133219E33}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E23013F4-99F4-439D-85B3-634E582BF48B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E2A0766B-DB88-4DA8-B93C-B7E31BF5AE36}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E2FE8695-F659-43C7-B389-BF3F2A3EA1BA}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E37F59C6-BAC0-4883-9941-10A724070BE4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E57365A2-79A6-47B2-B674-10EEE906F078}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E58A33BF-AD63-4D88-A54A-0378F9BC832F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E7621707-E814-47FA-A401-3639162E8051}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E7A70AFC-8AC2-4B67-9B41-BE5B042F04B8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E826CAF4-DB13-4AFE-B281-2A6EB24F2004}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{E9202E9E-E168-439F-9DD5-C20A12FE924E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{EC27408E-92F3-4CBD-A752-DB9463EB23A7}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{EC300391-A0D1-443D-BBC7-948AEF6F1DA3}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{EC69B85F-0917-4971-8E12-15EC8926379A}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{EC97272B-B619-4481-804D-32F434502C68}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{ECD83C0C-7074-4B68-A7B2-A38000B02664}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{ED09FB11-1AE5-4869-AB02-8BFF623C41FE}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{ED8974C0-FDCE-49E8-848A-35CBF5A89CE5}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{EDE1ED56-1EB1-4D21-AC6F-BE59E2B178EF}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{EDF34B59-D25B-4F32-9517-B05E396322D5}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{EF5781B1-4526-46CD-B37B-C726EF383CB4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F0341159-28AE-45FE-8549-766C304EB9EA}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F10AC909-D6DB-4D4A-894C-411B0BDFDF78}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F117A3C3-A133-4BAB-A5D1-529270F44119}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F1F72522-CF6C-4548-9B90-9F5904577B7F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F211ABC1-2977-43A7-B000-AB11EF513DB0}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F33FDEC0-082F-469E-A984-4FCBF7B49CC0}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F3B93F20-B498-42D9-BB2E-17F45EFF62E9}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F4825C47-94D4-4DAF-80D3-26CAC9A8684F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F63FBAA2-600C-48CA-88D0-3A5802047E7B}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F6427288-0B3C-4966-A44F-475B966BCBC4}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F68CFC39-CDBA-4C73-B5E0-03CAECF5646E}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F820CE2C-1375-49C6-91AE-6E12AB956F18}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F9069847-1DE5-4971-97A9-C6D51AC2733F}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F907CEA8-93E9-4D0C-9C93-E0B1133C7525}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F90ECA28-C7EB-4B00-8543-D614CE250F99}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{F925F364-B2B7-46E1-B8DA-6573D5D7318D}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{FAFFB517-D0E0-4A77-893A-E073B051F9E3}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{FCE545DF-EBFA-436C-AB17-C4BB90022FA8}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{FD504AA8-3465-448B-9832-BE491B87B860}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{FDB8C8AC-2E17-4D29-9A1C-EF4EB1E983A2}
Successfully deleted: [Empty Folder] C:\Users\Tan LT\appdata\local\{FFB4012C-A002-4D77-B50C-3487CAD53D58}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [Folder] C:\Users\Tan LT\AppData\Roaming\mozilla\firefox\profiles\wlfk1t8l.default\extensions\addon@freecorder.com
Emptied folder: C:\Users\Tan LT\AppData\Roaming\mozilla\firefox\profiles\wlfk1t8l.default\minidumps [36 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 16/06/2014 at 3:58:28.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

mac_t13, Well you really know how to rake an old guy over the coals..

I haven't seen a computer with that much junk in it in years...
You will have to be very patient, it may take some time to track it all down and I cannot be sure that it can be cleaned completely without a reformat/reinstall but we can give it a big try.

First, I will need:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. Probably 32 bit, but If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, which will be the right version.


* Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
* Press Scan button.
* It will produce a log called FRST.txt in the same directory the tool is run from.
* Please copy and paste log back here.
* The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

This is old text I haven't up dated yet. You can UPLOAD these files instead of pasting them if you wish. We have a new format on this site and will just have to get use to it, I guess.

 

RogueKiller log :


RogueKiller V9.0.2.0 [Jun 3 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Tan LT [Admin rights]
Mode : Remove -- Date : 06/16/2014 04:33:35

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[PUM.Policies] HKEY_USERS\S-1-5-21-1836403861-1296277500-4197250034-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED
[PUM.Policies] HKEY_USERS\S-1-5-21-1836403861-1296277500-4197250034-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NOT SELECTED
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1836403861-1296277500-4197250034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 2 -> NOT SELECTED
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1836403861-1296277500-4197250034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> NOT SELECTED
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1836403861-1296277500-4197250034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRun : 0 -> NOT SELECTED
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-1836403861-1296277500-4197250034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 3 ¤¤¤
[EAT:Addr] (explorer.exe) wpdshserviceobj.dll - DllCanUnloadNow : C:\Windows\System32\SndVolSSO.dll @ 0x6d14155f
[EAT:Addr] (explorer.exe) wpdshserviceobj.dll - DllGetClassObject : C:\Windows\System32\SndVolSSO.dll @ 0x6d144852
[EAT:Addr] (explorer.exe) wpdshserviceobj.dll - DllMain : C:\Windows\System32\SndVolSSO.dll @ 0x6d1412fb

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHY2250BH +++++
--- User ---
[MBR] 34ca74a9d8fcac4b1adcdd655a4fd58e
[BSP] ff322b9de710ff668ac39ffc68476d5d : Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 231779 MB
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 477757440 | Size: 5192 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_06162014_043004.log - RKreport_DEL_06162014_043032.log - RKreport_SCN_06162014_043318.log

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-06-2014
Ran by Tan LT (administrator) on TANLT-PC on 16-06-2014 04:37:36
Running from E:\
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Chicony) C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
(Apple Inc.) C:\Program Files\QuickTime\qttask.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\psqltray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA) C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
() C:\Users\Tan LT\Desktop\RogueKiller.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4399104 2007-03-14] (Realtek Semiconductor)
HKLM\...\Run: [NDSTray.exe] => NDSTray.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584 2007-02-02] (Synaptics, Inc.)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\Protector Suite QL\launcher.exe [49168 2006-12-03] (UPEK Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411768 2006-12-19] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [448632 2007-03-22] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-03-23] (TOSHIBA Corporation)
HKLM\...\Run: [Camera Assistant Software] => C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [413696 2007-03-21] (Chicony)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [282624 2007-04-27] (Apple Inc.)
HKLM\...\Run: [NPCTray] => C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD
HKLM\...\Run: [NeroCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\psfus: C:\Windows\system32\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [TOSCDSPD] => TOSCDSPD.EXE
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [MsnMsgr] => C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [KiesHelper] => C:\Program Files\Samsung\Kies\KiesHelper.exe [896912 2011-03-17] (Samsung)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3373456 2011-03-17] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [KiesPDLR] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [19872 2011-03-17] ()
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [PPS Accelerator] => C:\PROGRA~1\PPStream\ppsap.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [Sony PC Companion] => "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: G - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {00a71c54-fda5-11e1-a411-001e101f3315} - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {31b6579f-6954-11de-b90f-00a0c6000000} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {3b604e09-768d-11dd-9170-00a0d19e3fe4} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {3fc001f1-83d0-11e2-8c17-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {41d8e698-4b53-11dd-8e66-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {41d8e69f-4b53-11dd-8e66-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {49894942-45de-11dd-8868-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {4e3deb82-484d-11dd-89f6-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {4e3deb84-484d-11dd-89f6-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {679afe2a-0227-11e1-8a32-001de09c5925} - E:\Startme.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {8dfa9f1a-45d5-11dd-aaa1-00a0d19e3fe4} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {a359200c-3abc-11dd-9086-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {a3592013-3abc-11dd-9086-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {b21a31cf-6147-11dd-ad43-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {b21a31df-6147-11dd-ad43-001de09c5925} - F:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {b9df555a-f98e-11e0-920b-00a0d19e3fe4} - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {b9df5568-f98e-11e0-920b-001e101f2500} - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {ee4bdfe5-4b26-11dd-99fb-806e6f6e6963} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {ee4be012-4b26-11dd-99fb-001de09c5925} - E:\StartVMCLite.exe
AppInit_DLLs: C:\PROGRA~1\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap.dll => C:\Program Files\Common Files\Jaksta Technologies\Audio Capture\jaudcap.dll [268064 2013-07-09] (Jaksta Technologies Pty Ltd)
Lsa: [Notification Packages] scecli psqlpwd
Startup: C:\Users\Tan LT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fliptoast.lnk
ShortcutTarget: fliptoast.lnk -> C:\Program Files\fliptoast\fliptoast.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sg.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xADF946D09659CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-sg
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15112/CTPID.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:
========
FF ProfilePath: C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default
FF DefaultSearchEngine: Ask Search
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-03-30]
FF Extension: FireTube - C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default\Extensions\jid0-w1UVmoLd6VGudaIERuRJCPQx1dQ@jetpack.xpi [2013-08-04]
FF Extension: Ask Toolbar - C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default\Extensions\toolbar_ORJ-V7@apn.ask.com.xpi [2013-07-27]
FF Extension: Freecorder YouTube Download Wizard - C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default\Extensions\ytvdw@pgport.com.xpi [2012-05-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: google.com.sg
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Tan LT\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Tan LT\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tan LT\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll No File
CHR Plugin: (Babylon Chrome Plugin) - C:\Users\Tan LT\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Tan LT\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Angry Birds) - C:\Users\Tan LT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-10-09]
CHR Extension: (No Name) - C:\Users\Tan LT\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2011-10-09]
CHR Extension: (No Name) - C:\Users\Tan LT\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge [2013-08-04]

========================== Services (Whitelisted) =================

S3 Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2011-05-15] (BOONTY) [File not signed]
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-15] (TOSHIBA CORPORATION) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-22] (Intel Corporation) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2010-12-20] (Teruten) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-22] (Intel Corporation) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
R2 TNaviSrv; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [114688 2007-03-29] (TOSHIBA Corporation) [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-26] (TOSHIBA Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-24] (Ulead Systems, Inc.) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

 

==================== Drivers (Whitelisted) ====================

R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-12-20] () [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2013-02-24] (Scott)
R3 UVCFTR; C:\Windows\System32\DRIVERS\UVCFTR_S.SYS [11264 2007-03-12] (Chicony Electronics Co., Ltd.)
S3 w810bus; C:\Windows\System32\DRIVERS\w810bus.sys [58288 2006-02-21] (MCCI)
S3 w810mdfl; C:\Windows\System32\DRIVERS\w810mdfl.sys [8336 2006-02-21] (MCCI)
S3 w810mdm; C:\Windows\System32\DRIVERS\w810mdm.sys [94064 2006-02-21] (MCCI)
S3 w810mgmt; C:\Windows\System32\DRIVERS\w810mgmt.sys [85408 2006-02-21] (MCCI)
S3 w810obex; C:\Windows\System32\DRIVERS\w810obex.sys [83344 2006-02-21] (MCCI)
S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [110080 2008-11-12] (ZTE Corporation)
S3 ZTEusbvoice; C:\Windows\System32\DRIVERS\ZTEusbvoice.sys [104960 2008-11-12] (ZTE Incorporated)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 cnnctfy2MP; system32\DRIVERS\cnnctfy2.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50; System32\Drivers\PCASp50.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-16 04:37 - 2014-06-16 04:37 - 00000000 ____D () C:\FRST
2014-06-16 04:29 - 2014-06-16 04:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-16 04:14 - 2014-06-09 14:28 - 04686336 _____ () C:\Users\Tan LT\Desktop\RogueKiller.exe
2014-06-16 04:06 - 2014-06-16 04:17 - 00026624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-06-16 03:54 - 2014-06-16 03:54 - 00000000 ____D () C:\Windows\ERUNT
2014-06-16 03:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-16 03:23 - 2014-06-16 03:27 - 00000000 ____D () C:\AdwCleaner
2014-06-16 02:46 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-16 02:45 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-16 02:45 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-16 02:45 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-16 02:41 - 2014-06-16 02:45 - 00006014 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-16 02:23 - 2014-06-16 03:27 - 00000000 ____D () C:\Users\Tan LT\Desktop\Brother Bear

==================== One Month Modified Files and Folders =======

2014-06-16 04:38 - 2008-06-15 17:17 - 00000000 ____D () C:\Users\Tan LT\AppData\Local\Temp
2014-06-16 04:38 - 2008-06-15 17:13 - 01642158 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 04:37 - 2014-06-16 04:37 - 00000000 ____D () C:\FRST
2014-06-16 04:29 - 2014-06-16 04:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-16 04:29 - 2012-06-25 00:21 - 00001890 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-16 04:24 - 2012-06-25 00:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-16 04:17 - 2014-06-16 04:06 - 00026624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-06-16 03:54 - 2014-06-16 03:54 - 00000000 ____D () C:\Windows\ERUNT
2014-06-16 03:32 - 2009-04-03 23:25 - 00000000 ____D () C:\Users\Tan LT\Tracing
2014-06-16 03:31 - 2012-01-08 17:24 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-16 03:30 - 2006-11-02 21:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-16 03:30 - 2006-11-02 20:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 03:30 - 2006-11-02 20:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 03:29 - 2008-06-16 08:01 - 00400278 _____ () C:\Windows\PFRO.log
2014-06-16 03:28 - 2012-06-25 00:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-16 03:28 - 2011-10-30 13:31 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-16 03:28 - 2006-11-02 21:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-16 03:27 - 2014-06-16 03:23 - 00000000 ____D () C:\AdwCleaner
2014-06-16 03:27 - 2014-06-16 02:23 - 00000000 ____D () C:\Users\Tan LT\Desktop\Brother Bear
2014-06-16 03:08 - 2006-11-02 18:33 - 00703516 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-16 02:47 - 2007-04-19 05:29 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-16 02:45 - 2014-06-16 02:41 - 00006014 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-16 02:45 - 2007-04-19 05:29 - 00000000 ____D () C:\Program Files\Java
2014-06-16 02:36 - 2006-11-02 20:52 - 00093531 _____ () C:\Windows\setupact.log
2014-06-16 01:38 - 2010-10-20 20:25 - 00000000 ____D () C:\Users\Tan LT\AppData\Local\Windows Live
2014-06-16 01:32 - 2010-04-03 17:21 - 00000000 ____D () C:\Users\Tan LT\AppData\Local\Trend Micro
2014-06-16 01:32 - 2010-04-03 17:19 - 00000000 ____D () C:\Users\Public\Documents\Trend Micro
2014-06-09 14:28 - 2014-06-16 04:14 - 04686336 _____ () C:\Users\Tan LT\Desktop\RogueKiller.exe
2014-06-08 16:06 - 2012-02-19 18:30 - 00000000 ____D () C:\Users\Tan LT\AppData\Roaming\Applian FLV and Media Player
2014-06-08 15:52 - 2012-04-08 21:05 - 00000000 ____D () C:\Users\Tan LT\AppData\Roaming\vlc
2014-06-08 15:47 - 2012-01-25 16:34 - 00000000 ____D () C:\Users\Tan LT\Desktop\lalu
2014-06-08 15:19 - 2008-07-06 20:56 - 00017408 _____ () C:\Users\Tan LT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-08 14:19 - 2009-04-19 14:46 - 00002555 _____ () C:\Users\Tan LT\Desktop\Microsoft Word.lnk
2014-06-08 14:12 - 2013-11-02 21:16 - 00000000 ____D () C:\Users\Tan LT\Desktop\samsung note 8
2014-06-08 13:52 - 2014-03-20 22:30 - 00000000 ____D () C:\Users\Tan LT\Desktop\itsjudyslife
2014-05-26 23:49 - 2014-03-20 22:36 - 00000000 ____D () C:\Users\Tan LT\Desktop\faith
2014-05-25 19:37 - 2011-10-23 16:28 - 00000000 ____D () C:\game
2014-05-25 19:36 - 2011-10-18 22:05 - 00000000 ____D () C:\Program Files\Mobile Partner
2014-05-25 19:34 - 2008-12-21 15:42 - 00000000 ____D () C:\Users\Tan LT\Documents\FinePrint files
2014-05-24 00:57 - 2014-05-14 09:58 - 00000000 ____D () C:\Users\Tan LT\Desktop\xiao yu er

Files to move or delete:
====================
C:\Users\Tan LT\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Tan LT\AppData\Local\Temp\63976uninstall.exe
C:\Users\Tan LT\AppData\Local\Temp\Absolutist_Games.exe
C:\Users\Tan LT\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\Tan LT\AppData\Local\Temp\APNSetup.exe
C:\Users\Tan LT\AppData\Local\Temp\atl80.dll
C:\Users\Tan LT\AppData\Local\Temp\AutoDetect.exe
C:\Users\Tan LT\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tan LT\AppData\Local\Temp\contentDATs.exe
C:\Users\Tan LT\AppData\Local\Temp\DeltaTB.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate04.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate05.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate06.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate07.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate08.exe
C:\Users\Tan LT\AppData\Local\Temp\GLF8A4D.tmp.tbFree.dll
C:\Users\Tan LT\AppData\Local\Temp\GLFA710.tmp.tbFree.dll
C:\Users\Tan LT\AppData\Local\Temp\GLFE1BF.tmp.tbFree.dll
C:\Users\Tan LT\AppData\Local\Temp\InstallAX.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u15-windows-i586-iftw.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u19-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Tan LT\AppData\Local\Temp\libexpat.dll
C:\Users\Tan LT\AppData\Local\Temp\mfc80.dll
C:\Users\Tan LT\AppData\Local\Temp\mfc80u.dll
C:\Users\Tan LT\AppData\Local\Temp\mfcm80.dll
C:\Users\Tan LT\AppData\Local\Temp\mfcm80u.dll
C:\Users\Tan LT\AppData\Local\Temp\mPlayer.dj.dll
C:\Users\Tan LT\AppData\Local\Temp\msvcm80.dll
C:\Users\Tan LT\AppData\Local\Temp\msvcp80.dll
C:\Users\Tan LT\AppData\Local\Temp\msvcr80.dll
C:\Users\Tan LT\AppData\Local\Temp\nlsdl.dll
C:\Users\Tan LT\AppData\Local\Temp\nsj560D.tmp.ConduitEngineEmbbed.exe
C:\Users\Tan LT\AppData\Local\Temp\nsm6806.tmp.ConduitEngineEmbbed.exe
C:\Users\Tan LT\AppData\Local\Temp\Quarantine.exe
C:\Users\Tan LT\AppData\Local\Temp\scs.exe
C:\Users\Tan LT\AppData\Local\Temp\Sqlite3.dll
C:\Users\Tan LT\AppData\Local\Temp\Stp61FF_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp74A4_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp7F9C_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp88FF_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp8BCC_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp9609_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp9697_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpBA9B_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpC082_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpC277_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpCAEF_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpCE3A_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD099_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD146_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD433_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD6E1_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD885_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD8B4_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpDAC7_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpE1C8_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpE2C2_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpED7B_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\tbFre2.dll
C:\Users\Tan LT\AppData\Local\Temp\tbFree.dll
C:\Users\Tan LT\AppData\Local\Temp\TB_4ECD.exe
C:\Users\Tan LT\AppData\Local\Temp\tmdbg32.dll
C:\Users\Tan LT\AppData\Local\Temp\uninst1.exe
C:\Users\Tan LT\AppData\Local\Temp\VMC2700.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMC2B72.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMC4173.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMC6132.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMCA38E.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMCCB1C.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMCD190.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMCD75B.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\wlsetup-cvr.exe

 

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-16 03:47

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-06-2014
Ran by Tan LT at 2014-06-16 04:38:55
Running from E:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - )
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Ahead Nero 6 Demo (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
Applian FLV and Media Player 3.1.1.12 (HKLM\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)
ArcSoft Panorama Maker 4 (HKLM\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version: - ArcSoft)
Ask Toolbar (HKLM\...\{4F524A2D-5637-006A-76A7-A758B70C0C02}) (Version: 12.12.2.82 - APN, LLC) <==== ATTENTION
AVIConverter CHN-EN Package (HKLM\...\AVIConverter) (Version: CHN-EN Package - )
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v5.10.06(T) - )
Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.126.0326 - Chicony Electronics Co.,Ltd.)
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.03 - TOSHIBA)
Cheetah Audio Converter (HKLM\...\{B1914510-38B5-4835-83D8-A188073E542F}) (Version: - )
Cheetah WMA Installer (HKLM\...\{BDB7CDB2-40E6-4893-95E9-7A551AF865CD}) (Version: - )
Chinese Simplified Fonts Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-2447-0000-800000000003}) (Version: 8.0.0 - Adobe Systems)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version: - )
DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.3 - Ulead Systems, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDFab 8.0.2.2 (01/10/2010) (HKLM\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.)
DVDFab 9.0.7.2 (18/10/2013) (HKLM\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
Freecorder 8 Applications (8.0.1.0) (HKLM\...\Freecorder 8 Applications) (Version: 8.0.1.0 - Applian Technologies)
Freecorder extension for Firefox (HKLM\...\Freecorder extension for Firefox) (Version: 7.0.0.13 - Applian Technologies, Inc.)
Intel Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0000 - Intel Corporation)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version: - )
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.0.4.3 - Marvell)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
mCore (Version: 9.03.0000 - Intel Corporation) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
mHelp (Version: 9.03.0000 - Intel) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office XP Small Business (HKLM\...\{91130409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.20.8730.4 - Microsoft Corporation) Hidden
mMHouse (Version: 9.03.0000 - Intel Corporation) Hidden
Mozilla Firefox 22.0 (x86 en-US) (HKLM\...\Mozilla Firefox 22.0 (x86 en-US)) (Version: 22.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 22.0 - Mozilla)
mPfMgr (Version: 9.03.0000 - Intel Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OverDrive Media Console (HKLM\...\{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}) (Version: 3.2.5 - OverDrive, Inc.)
Prism Video File Converter (HKLM\...\Prism) (Version: - NCH Software)
Protector Suite QL 5.6 (HKLM\...\{10113A44-CBFF-4FF7-8A13-BD1EC4180C56}) (Version: 5.6.0.3284 - UPEK Inc.)
QuickTime (HKLM\...\{08094E03-AFE4-4853-9D31-6D0743DF5328}) (Version: 7.1.6.200 - Apple Computer, Inc.)
Real Alternative 1.9.0 Lite (HKLM\...\RealAlt_is1) (Version: 1.9.0 - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5386 - Realtek Semiconductor Corp.)
SA25x5 & SA26x5 Device Manager (HKLM\...\{62682265-C7EB-4EC7-986B-666FE2785900}) (Version: 01.01.00.1018 - Philips)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.0.11032_12 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.0.0.11032_12 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2250.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.13.3.43 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.136 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.136 - Sony)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.14.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}) (Version: 2.00.0001 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0001 - Texas Instruments Inc.) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.00.03 - )
TOSHIBA ConfigFree (HKLM\...\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}) (Version: 7.00.27 - TOSHIBA)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.0.7a - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.00.14 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM\...\{BFC85CDC-BD7C-4FDD-9507-8D74B5A79404}) (Version: 2.00.03 - )
TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.1 - TOSHIBA Corporation)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.1 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD03) - Agere Systems)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM\...\{2BDF38E0-1A7F-4220-B4B7-118DD45E5E13}) (Version: 2.00.02 - )
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.17 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.0.17 - TOSHIBA Corporation) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2836940) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{525A4A44-8940-40AD-ABA0-14501199D2F0}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{51242368-A3AC-4123-B2F2-7BD39EC4AEF9}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)

 

ive Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (Version: 9.00.3374 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
YTD Video Downloader 3.9.4 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: - GreenTree Applications SRL)

==================== Restore Points =========================

21-07-2013 12:08:14 Windows Update
02-08-2013 16:17:19 Windows Update
04-08-2013 01:52:53 Windows Update
04-08-2013 10:00:24 Removed Bing Bar
04-08-2013 10:04:20 Removed Creative Media Lite
04-08-2013 10:11:50 Removed Nikon Message Center
04-08-2013 10:12:48 Removed PlayStation(R)Network Downloader.
04-08-2013 10:13:49 Removed PlayStation(R)Store.
04-08-2013 12:00:13 Windows Update
04-08-2013 13:11:01 Installed MyDSC2
04-08-2013 13:21:09 Removed MyDSC2
04-08-2013 13:37:20 Removed Java(TM) 6 Update 31
04-08-2013 13:38:58 Installed Java 7 Update 25
18-08-2013 08:54:35 Windows Update
15-06-2014 18:34:53 Installed Java 7 Update 60

==================== Hosts content: ==========================

2006-11-02 18:23 - 2006-09-19 05:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {6C9C4FDE-99AF-4C02-A897-00A8963927BC} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {6E888936-96FC-4C6B-88ED-355F49CA7464} - System32\Tasks\Microsoft\Windows\RestartManager\{F457B351-0BBC-442e-8139-790795E3EF9B} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {80F58020-45C1-446D-A7EC-2B90FD7021A7} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {94C9277E-704E-4229-8C3D-D35CB260EDBE} - System32\Tasks\NCH Software\prismShakeIcon => C:\Program Files\NCH Software\Prism\Prism.exe [2010-08-10] (NCH Software)
Task: {B05FCC49-5878-4D2C-B9D2-A5A26B87125B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-16] (Adobe Systems Incorporated)
Task: {CE6CD646-8204-4A3E-B46B-714FE2D82A8E} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{DC158206-0E2F-4BD9-A1F7-CFBAFB74C82F}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2006-10-18 07:13 - 2006-10-18 07:13 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll
2007-02-22 02:13 - 2007-02-22 02:13 - 00118784 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2007-04-19 05:11 - 2007-03-06 11:34 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll
2006-11-09 18:27 - 2006-11-09 18:27 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2007-04-19 05:58 - 2006-10-11 02:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2006-11-08 18:08 - 2006-11-08 18:08 - 00009216 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2007-04-19 05:59 - 2006-10-21 04:49 - 00009216 _____ () C:\Program Files\Toshiba\ConfigFree\NotifyCFF.dll
2006-10-08 02:57 - 2006-10-08 02:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2006-12-01 18:55 - 2006-12-01 18:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2011-03-17 23:07 - 2011-03-17 23:07 - 00019872 _____ () C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
2011-04-19 23:01 - 2011-04-19 23:01 - 00055816 _____ () C:\Users\Tan LT\AppData\Local\Temp\e3c74ee6-7482-4280-b9c3-f233b390296e\CliSecureRT.dll
2005-07-23 12:30 - 2005-07-23 12:30 - 00065536 _____ () C:\Windows\system32\TosCommAPI.dll
2004-10-15 01:18 - 2004-10-15 01:18 - 00040960 _____ () C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll
2008-06-15 17:21 - 2007-03-26 10:52 - 04442624 _____ () C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
2014-06-16 04:14 - 2014-06-09 14:28 - 04686336 _____ () C:\Users\Tan LT\Desktop\RogueKiller.exe
2013-08-04 19:24 - 2013-08-04 19:24 - 03285912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-06-16 03:28 - 2014-06-16 03:28 - 16361136 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============



HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\Software\Classes\.exe: => <===== ATTENTION!

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB Device(VID_1f3a_PID_efe8)
Description: USB Device(VID_1f3a_PID_efe8)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: USB Devices
Service: usbUDisc
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (04/24/2011 06:35:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 41 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/27/2010 09:02:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2014-06-16 01:26:11.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-16 01:26:10.969
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-16 01:26:10.735
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-16 01:26:10.501
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-16 01:24:31.504
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-16 01:24:31.270
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-16 01:24:31.020
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-16 01:24:30.771
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-08-06 20:51:31.137
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Freecorder\Applian_Audio_Plugin.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-08-06 20:51:30.923
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Freecorder\Applian_Audio_Plugin.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 96%
Total physical RAM: 2037.69 MB
Available physical RAM: 64.41 MB
Total Pagefile: 4318.39 MB
Available Pagefile: 2709.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.07 MB

==================== Drives ================================

Drive c: (S3A6130D004) (Fixed) (Total:226.35 GB) (Free:51.61 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (USB DISK) (Removable) (Total:0.96 GB) (Free:0.85 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 6292180D)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=226 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=5 GB) - (Type=17)

========================================================
Disk: 1 (Size: 984 MB) (Disk ID: C865BD45)
Partition 1: (Active) - (Size=983 MB) - (Type=0E)

==================== End Of Log ============================

 

haha....thank you 2og, my IE finally working!!! Thank you very much.....

 

Yeah, I know but you have a lot of malware and junk that didn't get fixed just yet.
Do you want to finish cleaning it??
I would suggest it so that it won't come back to haunt you.. As for right now, you don't have a AntiVirus installed and I suggest you download Avast Free AV and install it to keep any further malware from infecting you..

What say?

 

Hi, 2OG, I would like to continue cleaning before my laptop becomes haunted, heeee. Please advise me to do the rest. Thank you.

 

Yeah, that Vista is a well used machine and really needs some TLC...
I will go through the logs and put together a Fix for you.. Please be patient cause there are a lot of things that need attention.
I will get back to you as soon as I can, it may be a day or two so hang in there...

 

Hi, 2oG. This is a the lastest Farbar Recovery Scan log. Great Thanks. I really never expect my laptop to be that that BAD! Lucky u great guy there.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-06-2014
Ran by Tan LT (administrator) on TANLT-PC on 16-06-2014 11:55:34
Running from C:\Users\Tan LT\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Chicony) C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
(Apple Inc.) C:\Program Files\QuickTime\qttask.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TOSHIBA) C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\psqltray.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
() C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4399104 2007-03-14] (Realtek Semiconductor)
HKLM\...\Run: [NDSTray.exe] => NDSTray.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584 2007-02-02] (Synaptics, Inc.)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\Protector Suite QL\launcher.exe [49168 2006-12-03] (UPEK Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411768 2006-12-19] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [448632 2007-03-22] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-03-23] (TOSHIBA Corporation)
HKLM\...\Run: [Camera Assistant Software] => C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [413696 2007-03-21] (Chicony)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [282624 2007-04-27] (Apple Inc.)
HKLM\...\Run: [NPCTray] => C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD
HKLM\...\Run: [NeroCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-06-16] (AVAST Software)
Winlogon\Notify\psfus: C:\Windows\system32\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [TOSCDSPD] => TOSCDSPD.EXE
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [MsnMsgr] => C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [KiesHelper] => C:\Program Files\Samsung\Kies\KiesHelper.exe [896912 2011-03-17] (Samsung)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3373456 2011-03-17] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [KiesPDLR] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [19872 2011-03-17] ()
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [PPS Accelerator] => C:\PROGRA~1\PPStream\ppsap.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\Run: [Sony PC Companion] => "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: G - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {00a71c54-fda5-11e1-a411-001e101f3315} - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {31b6579f-6954-11de-b90f-00a0c6000000} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {3b604e09-768d-11dd-9170-00a0d19e3fe4} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {3fc001f1-83d0-11e2-8c17-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {41d8e698-4b53-11dd-8e66-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {41d8e69f-4b53-11dd-8e66-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {49894942-45de-11dd-8868-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {4e3deb82-484d-11dd-89f6-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {4e3deb84-484d-11dd-89f6-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {679afe2a-0227-11e1-8a32-001de09c5925} - E:\Startme.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {8dfa9f1a-45d5-11dd-aaa1-00a0d19e3fe4} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {a359200c-3abc-11dd-9086-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {a3592013-3abc-11dd-9086-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {b21a31cf-6147-11dd-ad43-001de09c5925} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {b21a31df-6147-11dd-ad43-001de09c5925} - F:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {b9df555a-f98e-11e0-920b-00a0d19e3fe4} - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {b9df5568-f98e-11e0-920b-001e101f2500} - E:\AutoRun.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {ee4bdfe5-4b26-11dd-99fb-806e6f6e6963} - E:\StartVMCLite.exe
HKU\S-1-5-21-1836403861-1296277500-4197250034-1000\...\MountPoints2: {ee4be012-4b26-11dd-99fb-001de09c5925} - E:\StartVMCLite.exe
AppInit_DLLs: C:\PROGRA~1\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap.dll => C:\Program Files\Common Files\Jaksta Technologies\Audio Capture\jaudcap.dll [268064 2013-07-09] (Jaksta Technologies Pty Ltd)
Lsa: [Notification Packages] scecli psqlpwd
Startup: C:\Users\Tan LT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fliptoast.lnk
ShortcutTarget: fliptoast.lnk -> C:\Program Files\fliptoast\fliptoast.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-sg
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE08EEEE11589CF01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15112/CTPID.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:
========
FF ProfilePath: C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default
FF DefaultSearchEngine: Ask Search
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-03-30]
FF Extension: FireTube - C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default\Extensions\jid0-w1UVmoLd6VGudaIERuRJCPQx1dQ@jetpack.xpi [2013-08-04]
FF Extension: Ask Toolbar - C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default\Extensions\toolbar_ORJ-V7@apn.ask.com.xpi [2013-07-27]
FF Extension: Freecorder YouTube Download Wizard - C:\Users\Tan LT\AppData\Roaming\Mozilla\Firefox\Profiles\wlfk1t8l.default\Extensions\ytvdw@pgport.com.xpi [2012-05-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-16]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: google.com.sg
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Tan LT\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Tan LT\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tan LT\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll No File
CHR Plugin: (Babylon Chrome Plugin) - C:\Users\Tan LT\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Tan LT\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Angry Birds) - C:\Users\Tan LT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-10-09]
CHR Extension: (No Name) - C:\Users\Tan LT\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2011-10-09]
CHR Extension: (No Name) - C:\Users\Tan LT\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge [2013-08-04]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-16] (AVAST Software)
S3 Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2011-05-15] (BOONTY) [File not signed]
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-15] (TOSHIBA CORPORATION) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-22] (Intel Corporation) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2010-12-20] (Teruten) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-22] (Intel Corporation) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
R2 TNaviSrv; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [114688 2007-03-29] (TOSHIBA Corporation) [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-26] (TOSHIBA Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-24] (Ulead Systems, Inc.) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-06-16] (AVAST Software)
S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-06-16] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-06-16] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-06-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-06-16] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-12-20] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2013-02-24] (Scott)
R3 UVCFTR; C:\Windows\System32\DRIVERS\UVCFTR_S.SYS [11264 2007-03-12] (Chicony Electronics Co., Ltd.)
S3 w810bus; C:\Windows\System32\DRIVERS\w810bus.sys [58288 2006-02-21] (MCCI)
S3 w810mdfl; C:\Windows\System32\DRIVERS\w810mdfl.sys [8336 2006-02-21] (MCCI)
S3 w810mdm; C:\Windows\System32\DRIVERS\w810mdm.sys [94064 2006-02-21] (MCCI)
S3 w810mgmt; C:\Windows\System32\DRIVERS\w810mgmt.sys [85408 2006-02-21] (MCCI)
S3 w810obex; C:\Windows\System32\DRIVERS\w810obex.sys [83344 2006-02-21] (MCCI)
S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [110080 2008-11-12] (ZTE Corporation)
S3 ZTEusbvoice; C:\Windows\System32\DRIVERS\ZTEusbvoice.sys [104960 2008-11-12] (ZTE Incorporated)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 cnnctfy2MP; system32\DRIVERS\cnnctfy2.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2014-06-16 11:55 - 2014-06-16 11:55 - 00027219 _____ () C:\Users\Tan LT\Desktop\FRST.txt
2014-06-16 11:54 - 2014-06-16 11:56 - 00000000 ____D () C:\Users\Tan LT\Desktop\FRST-OlderVersion
2014-06-16 11:52 - 2014-06-16 11:54 - 01072640 _____ (Farbar) C:\Users\Tan LT\Desktop\FRST.exe
2014-06-16 10:30 - 2014-06-16 10:32 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-16 10:29 - 2014-06-16 10:29 - 00000870 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-16 10:29 - 2014-06-16 10:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-16 10:29 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-16 10:29 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-16 10:29 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-16 10:20 - 2014-06-16 10:20 - 00001844 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-16 10:20 - 2014-06-16 10:20 - 00000000 ____D () C:\Users\Tan LT\AppData\Roaming\AVAST Software
2014-06-16 10:18 - 2014-06-16 10:19 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-16 10:18 - 2014-06-16 10:19 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-16 10:18 - 2014-06-16 10:19 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswrdr.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402885168653
2014-06-16 10:18 - 2014-06-16 10:18 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402885168653
2014-06-16 10:18 - 2014-06-16 10:18 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-16 10:18 - 2014-06-16 10:18 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswrdr.sys.1402885168653
2014-06-16 10:18 - 2014-06-16 10:18 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-16 10:18 - 2014-06-16 10:18 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-16 10:16 - 2014-06-16 10:16 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-16 04:53 - 2014-06-10 06:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tan LT\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-16 04:52 - 2014-06-10 03:59 - 94714880 _____ (AVAST Software) C:\Users\Tan LT\Downloads\avast_free_antivirus_setup.exe
2014-06-16 04:52 - 2014-06-10 03:59 - 94714880 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup.exe
2014-06-16 04:37 - 2014-06-16 11:55 - 00000000 ____D () C:\FRST
2014-06-16 04:29 - 2014-06-16 04:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-16 04:06 - 2014-06-16 04:17 - 00026624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-06-16 03:54 - 2014-06-16 03:54 - 00000000 ____D () C:\Windows\ERUNT
2014-06-16 03:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-16 03:23 - 2014-06-16 03:27 - 00000000 ____D () C:\AdwCleaner
2014-06-16 02:46 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-16 02:45 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-16 02:45 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-16 02:45 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-16 02:41 - 2014-06-16 02:45 - 00006014 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-16 02:23 - 2014-06-16 03:27 - 00000000 ____D () C:\Users\Tan LT\Desktop\Brother Bear

 

==================== One Month Modified Files and Folders =======
2014-06-16 11:59 - 2014-06-16 11:55 - 00027219 _____ () C:\Users\Tan LT\Desktop\FRST.txt
2014-06-16 11:59 - 2008-06-15 17:17 - 00000000 ____D () C:\Users\Tan LT\AppData\Local\Temp
2014-06-16 11:56 - 2014-06-16 11:54 - 00000000 ____D () C:\Users\Tan LT\Desktop\FRST-OlderVersion
2014-06-16 11:55 - 2014-06-16 04:37 - 00000000 ____D () C:\FRST
2014-06-16 11:54 - 2014-06-16 11:52 - 01072640 _____ (Farbar) C:\Users\Tan LT\Desktop\FRST.exe
2014-06-16 11:24 - 2012-06-25 00:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-16 10:56 - 2012-04-08 21:04 - 00000830 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-16 10:55 - 2012-04-08 21:05 - 00000000 ____D () C:\Users\Tan LT\AppData\Roaming\vlc
2014-06-16 10:50 - 2008-06-15 17:13 - 01719977 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 10:43 - 2013-08-04 19:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-16 10:32 - 2014-06-16 10:30 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-16 10:29 - 2014-06-16 10:29 - 00000870 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-16 10:29 - 2014-06-16 10:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-16 10:20 - 2014-06-16 10:20 - 00001844 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-16 10:20 - 2014-06-16 10:20 - 00000000 ____D () C:\Users\Tan LT\AppData\Roaming\AVAST Software
2014-06-16 10:19 - 2014-06-16 10:18 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-16 10:19 - 2014-06-16 10:18 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-16 10:19 - 2014-06-16 10:18 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswrdr.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402885168653
2014-06-16 10:18 - 2014-06-16 10:18 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402885168653
2014-06-16 10:18 - 2014-06-16 10:18 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-16 10:18 - 2014-06-16 10:18 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswrdr.sys.1402885168653
2014-06-16 10:18 - 2014-06-16 10:18 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-16 10:18 - 2014-06-16 10:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-16 10:18 - 2014-06-16 10:18 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-16 10:18 - 2006-11-02 20:37 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-06-16 10:16 - 2014-06-16 10:16 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-16 10:08 - 2012-01-08 17:24 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-16 10:08 - 2009-04-03 23:25 - 00000000 ____D () C:\Users\Tan LT\Tracing
2014-06-16 10:08 - 2006-11-02 21:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-16 10:08 - 2006-11-02 20:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 10:08 - 2006-11-02 20:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 05:44 - 2006-11-02 21:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-16 04:29 - 2014-06-16 04:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-16 04:29 - 2012-06-25 00:21 - 00001890 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-16 04:17 - 2014-06-16 04:06 - 00026624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-06-16 03:54 - 2014-06-16 03:54 - 00000000 ____D () C:\Windows\ERUNT
2014-06-16 03:29 - 2008-06-16 08:01 - 00400278 _____ () C:\Windows\PFRO.log
2014-06-16 03:28 - 2012-06-25 00:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-16 03:28 - 2011-10-30 13:31 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-16 03:27 - 2014-06-16 03:23 - 00000000 ____D () C:\AdwCleaner
2014-06-16 03:27 - 2014-06-16 02:23 - 00000000 ____D () C:\Users\Tan LT\Desktop\Brother Bear
2014-06-16 03:08 - 2006-11-02 18:33 - 00703516 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-16 02:47 - 2007-04-19 05:29 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-16 02:45 - 2014-06-16 02:41 - 00006014 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-16 02:45 - 2007-04-19 05:29 - 00000000 ____D () C:\Program Files\Java
2014-06-16 02:36 - 2006-11-02 20:52 - 00093531 _____ () C:\Windows\setupact.log
2014-06-16 01:38 - 2010-10-20 20:25 - 00000000 ____D () C:\Users\Tan LT\AppData\Local\Windows Live
2014-06-16 01:32 - 2010-04-03 17:21 - 00000000 ____D () C:\Users\Tan LT\AppData\Local\Trend Micro
2014-06-16 01:32 - 2010-04-03 17:19 - 00000000 ____D () C:\Users\Public\Documents\Trend Micro
2014-06-10 06:01 - 2014-06-16 04:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tan LT\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-10 03:59 - 2014-06-16 04:52 - 94714880 _____ (AVAST Software) C:\Users\Tan LT\Downloads\avast_free_antivirus_setup.exe
2014-06-10 03:59 - 2014-06-16 04:52 - 94714880 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup.exe
2014-06-08 16:06 - 2012-02-19 18:30 - 00000000 ____D () C:\Users\Tan LT\AppData\Roaming\Applian FLV and Media Player
2014-06-08 15:47 - 2012-01-25 16:34 - 00000000 ____D () C:\Users\Tan LT\Desktop\lalu
2014-06-08 15:19 - 2008-07-06 20:56 - 00017408 _____ () C:\Users\Tan LT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-08 14:19 - 2009-04-19 14:46 - 00002555 _____ () C:\Users\Tan LT\Desktop\Microsoft Word.lnk
2014-06-08 14:12 - 2013-11-02 21:16 - 00000000 ____D () C:\Users\Tan LT\Desktop\samsung note 8
2014-05-26 23:49 - 2014-03-20 22:36 - 00000000 ____D () C:\Users\Tan LT\Desktop\faith
2014-05-25 19:37 - 2011-10-23 16:28 - 00000000 ____D () C:\game
2014-05-25 19:36 - 2011-10-18 22:05 - 00000000 ____D () C:\Program Files\Mobile Partner
2014-05-25 19:34 - 2008-12-21 15:42 - 00000000 ____D () C:\Users\Tan LT\Documents\FinePrint files
2014-05-24 00:57 - 2014-05-14 09:58 - 00000000 ____D () C:\Users\Tan LT\Desktop\xiao yu er
Files to move or delete:
====================
C:\Users\Tan LT\AppData\Roaming\desktop.ini

Some content of TEMP:
====================
C:\Users\Tan LT\AppData\Local\Temp\63976uninstall.exe
C:\Users\Tan LT\AppData\Local\Temp\Absolutist_Games.exe
C:\Users\Tan LT\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\Tan LT\AppData\Local\Temp\APNSetup.exe
C:\Users\Tan LT\AppData\Local\Temp\atl80.dll
C:\Users\Tan LT\AppData\Local\Temp\AutoDetect.exe
C:\Users\Tan LT\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tan LT\AppData\Local\Temp\contentDATs.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate04.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate05.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate06.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate07.exe
C:\Users\Tan LT\AppData\Local\Temp\FlashPlayerUpdate08.exe
C:\Users\Tan LT\AppData\Local\Temp\GLF8A4D.tmp.tbFree.dll
C:\Users\Tan LT\AppData\Local\Temp\GLFA710.tmp.tbFree.dll
C:\Users\Tan LT\AppData\Local\Temp\GLFE1BF.tmp.tbFree.dll
C:\Users\Tan LT\AppData\Local\Temp\InstallAX.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u15-windows-i586-iftw.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u19-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Tan LT\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Tan LT\AppData\Local\Temp\libexpat.dll
C:\Users\Tan LT\AppData\Local\Temp\mfc80.dll
C:\Users\Tan LT\AppData\Local\Temp\mfc80u.dll
C:\Users\Tan LT\AppData\Local\Temp\mfcm80.dll
C:\Users\Tan LT\AppData\Local\Temp\mfcm80u.dll
C:\Users\Tan LT\AppData\Local\Temp\mPlayer.dj.dll
C:\Users\Tan LT\AppData\Local\Temp\msvcm80.dll
C:\Users\Tan LT\AppData\Local\Temp\msvcp80.dll
C:\Users\Tan LT\AppData\Local\Temp\msvcr80.dll
C:\Users\Tan LT\AppData\Local\Temp\nlsdl.dll
C:\Users\Tan LT\AppData\Local\Temp\nsj560D.tmp.ConduitEngineEmbbed.exe
C:\Users\Tan LT\AppData\Local\Temp\nsm6806.tmp.ConduitEngineEmbbed.exe
C:\Users\Tan LT\AppData\Local\Temp\Quarantine.exe
C:\Users\Tan LT\AppData\Local\Temp\scs.exe
C:\Users\Tan LT\AppData\Local\Temp\Sqlite3.dll
C:\Users\Tan LT\AppData\Local\Temp\Stp61FF_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp74A4_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp7F9C_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp88FF_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp8BCC_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp9609_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\Stp9697_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpBA9B_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpC082_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpC277_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpCAEF_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpCE3A_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD099_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD146_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD433_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD6E1_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD885_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpD8B4_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpDAC7_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpE1C8_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpE2C2_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\StpED7B_TMP.EXE
C:\Users\Tan LT\AppData\Local\Temp\tbFre2.dll
C:\Users\Tan LT\AppData\Local\Temp\tbFree.dll
C:\Users\Tan LT\AppData\Local\Temp\TB_4ECD.exe
C:\Users\Tan LT\AppData\Local\Temp\tmdbg32.dll
C:\Users\Tan LT\AppData\Local\Temp\uninst1.exe
C:\Users\Tan LT\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Tan LT\AppData\Local\Temp\VMC2700.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMC2B72.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMC4173.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMC6132.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMCA38E.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMCCB1C.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMCD190.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\VMCD75B.tmphelper.exe
C:\Users\Tan LT\AppData\Local\Temp\wlsetup-cvr.exe

==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-16 10:14
==================== End Of Log ============================

 

This time no additional.txt log.

 

BTW, I've McAfee Security Scan on my laptop, do I have to uninstall to prevent complication?