Untitled

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.18.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19400
Oni :: ONI-PC [administrator]

2/18/2013 5:50:42 PM
mbam-log-2013-02-18 (17-50-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208162
Time elapsed: 10 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Oni\AppData\Local\temp\doehuzxdz\doehuzxdz.dll (Trojan.Labedo) -> Quarantined and deleted successfully.

(end)


MiniToolBox by Farbar  Version:10-01-2013
Ran by Oni (administrator) on 18-02-2013 at 18:18:03
Running from "C:\Users\Oni\Desktop"
Windows Vista (TM) Home Basic Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection* 19" address=10.21.16.66


popd
# End of IPv4 configuration


Windows IP Configuration

   Host Name . . . . . . . . . . . . : Oni-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection* 19:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Anchorfree HSS Adapter
   Physical Address. . . . . . . . . : 00-FF-E5-C9-79-09
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-1E-33-D3-59-41
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
   Physical Address. . . . . . . . . : 00-22-5F-CD-B8-FD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, February 18, 2013 6:05:49 PM
   Lease Expires . . . . . . . . . . : Friday, March 28, 2149 12:46:45 AM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:
Address:  192.168.2.1

Name:    google.com
Addresses:  2607:f8b0:4002:801::100e
	  74.125.134.113
	  74.125.134.138
	  74.125.134.139
	  74.125.134.100
	  74.125.134.101
	  74.125.134.102


Pinging google.com [74.125.134.102] with 32 bytes of data:

Reply from 74.125.134.102: bytes=32 time=28ms TTL=44

Reply from 74.125.134.102: bytes=32 time=28ms TTL=44


Ping statistics for 74.125.134.102:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 28ms, Maximum = 28ms, Average = 28ms

Server:
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  98.138.253.109
	  98.139.183.24
	  206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=805ms TTL=43

Reply from 98.138.253.109: bytes=32 time=746ms TTL=43


Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 746ms, Maximum = 805ms, Average = 775ms


Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128


Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 23 ...00 ff e5 c9 79 09 ...... Anchorfree HSS Adapter
 17 ...00 1e 33 d3 59 41 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
 10 ...00 22 5f cd b8 fd ...... Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
  1 ........................... Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.5     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link       192.168.2.5    281
      192.168.2.5  255.255.255.255         On-link       192.168.2.5    281
    192.168.2.255  255.255.255.255         On-link       192.168.2.5    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.2.5    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.2.5    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/18/2013 06:06:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2013 11:56:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4727

Error: (02/18/2013 11:56:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4727

Error: (02/18/2013 11:56:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/18/2013 11:56:54 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3541

Error: (02/18/2013 11:56:54 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3541

Error: (02/18/2013 11:56:54 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/18/2013 11:56:53 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2137

Error: (02/18/2013 11:56:53 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2137

Error: (02/18/2013 11:56:53 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/18/2013 05:14:55 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer DANIEL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9D493B71-F767-4098-8252-DAA7B357.
The master browser is stopping or an election is being forced.

Error: (02/18/2013 05:14:55 PM) (Source: netbt) (User: )
Description: A duplicate name has been detected on the TCP network.  The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (02/18/2013 05:14:55 PM) (Source: netbt) (User: )
Description: A duplicate name has been detected on the TCP network.  The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (02/18/2013 05:14:55 PM) (Source: netbt) (User: )
Description: A duplicate name has been detected on the TCP network.  The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (02/18/2013 05:14:55 PM) (Source: netbt) (User: )
Description: A duplicate name has been detected on the TCP network.  The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (02/18/2013 05:14:49 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{9D493B71-F767-4098-8252-DAA7B357177C}.
The backup browser is stopping.

Error: (02/18/2013 11:23:05 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{9D493B71-F767-4098-8252-DAA7B357177C}.
The backup browser is stopping.

Error: (02/18/2013 08:18:56 AM) (Source: DCOM) (User: )
Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}

Error: (02/18/2013 01:00:01 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{9D493B71-F767-4098-8252-DAA7B357177C}.
The backup browser is stopping.

Error: (02/17/2013 05:16:36 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer DANIEL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9D493B71-F767-4098-8252-DAA7B357.
The master browser is stopping or an election is being forced.


Microsoft Office Sessions:
=========================
Error: (02/18/2013 06:02:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 83250 seconds with 1020 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-02-18 17:57:44.946
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 17:57:44.355
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 17:57:43.731
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 17:57:43.113
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 17:57:42.531
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 17:57:41.952
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 17:57:41.309
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 17:57:40.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 17:57:40.120
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-18 17:57:39.524
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.5.502.149)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Amazon Links (Version: 1.0)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL
ASPCA Reminder V7F+AU by We-Care.com (Version: 4.0.5.5)
AVG 2011 (Version: 10.0.1430)
AVG 2011 (Version: 10.0.2639)
AVG PC Tuneup 2011 10.0.0.24 (Version: 10.0.0.24)
Bonjour (Version: 3.0.0.10)
CD/DVD Drive Acoustic Silencer (Version: 2.02.03)
Compatibility Pack for the 2007 Office system (Version: 12.0.4518.1014)
Dell V505
Dropbox (Version: 1.6.16)
DVD Flick 1.3.0.6 (Version: 1.3.0.6)
DVD MovieFactory for TOSHIBA (Version: 5.51)
ESET Online Scanner v3
Google Chrome (Version: 24.0.1312.57)
Google Talk Plugin (Version: 3.13.2.11592)
Google Update Helper (Version: 1.3.21.135)
HiJackThis (Version: 1.0.0)
HitmanPro 3.6 (Version: 3.6.0.160)
Hotspot Shield 2.53 (Version: 2.53)
ImgBurn (Version: 2.4.2.0)
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.5.1)
Java(TM) 6 Update 26 (Version: 6.0.260)
League of Legends (Version: 1.3)
LiveUpdate 2.6 (Symantec Corporation) (Version: 2.6.18.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.0.50917.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Works (Version: 9.7.0621)
Microsoft XML Parser (Version: 8.20.8730.4)
Move Media Player
Mozilla Firefox (3.6.6) (Version: 3.6.6 (en-US))
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Pando Media Booster (Version: 2.6.0.8)
Picasa 3 (Version: 3.1)
PowerISO (Version: 4.8)
QuickBooks Financial Center (Version: 1.10.0000)
QuickTime (Version: 7.72.80.56)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5599)
REALTEK RTL8187B Wireless LAN Driver (Version: Package:1.00.0026 Driver:6.1116.1226.2007)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20130)
Realtek WiFi Protected Setup Library (Version: 1.00.0026)
SafeConnect
Skype Click to Call (Version: 5.6.8442)
Skype™ 6.1 (Version: 6.1.129)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spotify (Version: 0.8.5.1333.g822e0de8)
Synaptics Pointing Device Driver (Version: 10.1.8.0)
TOSHIBA Assist (Version: 2.01.08)
TOSHIBA ConfigFree (Version: 7.2.20)
TOSHIBA Desktop Links (Version: 1.7)
TOSHIBA Disc Creator (Version: 2.0.1.3)
TOSHIBA DVD PLAYER (Version: 1.31.14)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Hardware Setup (Version: 2.00.08)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.2)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA Service Station (Version: 1.1.14)
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.04)
TOSHIBA Value Added Package (Version: 1.1.24)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.1 (Version: 2.0.1)
WildTangent Games (Version: 1.0.0.62)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! Software Update

========================= Devices: ================================

Name: isatap.{0913D5A8-EAAD-4D04-821E-DF2C6404AAB0}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.launchmodem.com
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.PBA.EDU
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 2939.26 MB
Available physical RAM: 1793.59 MB
Total Pagefile: 5947.54 MB
Available Pagefile: 4422.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.32 MB

========================= Partitions: =====================================

1 Drive c: (SQ004981V02) (Fixed) (Total:224.2 GB) (Free:85.38 GB) NTFS

========================= Users: ========================================

User accounts for \\ONI-PC

Administrator            Guest                    Oni


**** End of log ****


Farbar Service Scanner Version: 18-02-2013
Ran by Oni (administrator) on 18-02-2013 at 18:21:25
Running from "C:\Users\Oni\Desktop"
Windows Vista (TM) Home Basic Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-02-13 12:04] - [2013-01-04 06:28] - 0905576 ____A (Microsoft Corporation) 74E2D020C47BB2B2FCCBA29A518A7EB4

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v2.112 - Logfile created 02/18/2013 at 18:22:59
# Updated 10/02/2013 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Oni - ONI-PC
# Boot Mode : Normal
# Running from : C:\Users\Oni\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\.autoreg
File Found : C:\Users\Oni\AppData\Roaming\Mozilla\Firefox\Profiles\z4yq8eld.default\searchplugins\Conduit.xml
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Free Offers from Freeze.com
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\ProgramData\WeCareReminder
Folder Found : C:\Users\Oni\AppData\Local\Conduit
Folder Found : C:\Users\Oni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Found : C:\Users\Oni\AppData\LocalLow\Conduit
Folder Found : C:\Users\Oni\AppData\Roaming\Mozilla\Firefox\Profiles\z4yq8eld.default\Conduit
Folder Found : C:\Users\Oni\AppData\Roaming\Mozilla\Firefox\Profiles\z4yq8eld.default\ConduitEngine
Folder Found : C:\Users\Oni\AppData\Roaming\Mozilla\Firefox\Profiles\z4yq8eld.default\CT2765711
Folder Found : C:\Users\Oni\AppData\Roaming\Mozilla\Firefox\Profiles\z4yq8eld.default\extensions\{f0381dbd-e018-4e07-ae40-d96ab15083f0}
Folder Found : C:\Users\Oni\AppData\Roaming\Mozilla\Firefox\Profiles\z4yq8eld.default\extensions\wecarereminder@bryan

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\wecarereminder
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-1508737220-1151108484-2550500073-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-1508737220-1151108484-2550500073-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19400

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.hotspotshield.com/g/?c=h

-\\ Mozilla Firefox v3.6.6 (en-US)

File : C:\Users\Oni\AppData\Roaming\Mozilla\Firefox\Profiles\z4yq8eld.default\prefs.js

Found : user_pref("CT2765711..clientLogIsEnabled", false);
Found : user_pref("CT2765711..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2765711..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2765711.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2765711.CTID", "CT2765711");
Found : user_pref("CT2765711.Chat.Meebo.ServerLastCheckTime", "Sun Sep 25 2011 06:08:46 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2765711.Chat.Meebo.ServerLastResponseTime", "Sun Sep 25 2011 06:08:46 GMT-0400 (Eastern[...]
Found : user_pref("CT2765711.Chat.Meebo.rooms.2030dff2c5edb1", 0);
Found : user_pref("CT2765711.Chat.Meebo.rooms.30plusa87dca4f", 0);
Found : user_pref("CT2765711.Chat.Meebo.rooms.communitychat7d6a306c", 0);
Found : user_pref("CT2765711.Chat.Meebo.rooms.entertainmentc0ed09fb", 0);
Found : user_pref("CT2765711.Chat.Meebo.rooms.health3693b665", 0);
Found : user_pref("CT2765711.Chat.Meebo.rooms.musicj375cf270", 2);
Found : user_pref("CT2765711.Chat.Meebo.rooms.newsxu117b840d", 3);
Found : user_pref("CT2765711.Chat.Meebo.rooms.recreationab17d1f9", 0);
Found : user_pref("CT2765711.Chat.Meebo.rooms.spirituality39155c53", 0);
Found : user_pref("CT2765711.Chat.Meebo.rooms.sports522528d3", 4);
Found : user_pref("CT2765711.Chat.Meebo.rooms.technology8bb9fd5b", 1);
Found : user_pref("CT2765711.Chat.Meebo.rooms.teenagers833b8249", 0);
Found : user_pref("CT2765711.Chat.Meebo.rooms.travel8c2e48db", 0);
Found : user_pref("CT2765711.Chat.Meebo.rooms.videogames2fe066e0", 0);
Found : user_pref("CT2765711.Chat.ServerLastCheckTime", "Sun Sep 25 2011 01:55:06 GMT-0400 (Eastern Daylight[...]
Found : user_pref("CT2765711.CurrentServerDate", "2-9-2012");
Found : user_pref("CT2765711.DialogsAlignMode", "LTR");
Found : user_pref("CT2765711.DownloadReferralCookieData", "");
Found : user_pref("CT2765711.FirstServerDate", "28-3-2011");
Found : user_pref("CT2765711.FirstTime", true);
Found : user_pref("CT2765711.FirstTimeFF3", true);
Found : user_pref("CT2765711.FixPageNotFoundErrors", false);
Found : user_pref("CT2765711.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2765711.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2765711.HasUserGlobalKeys", true);
Found : user_pref("CT2765711.Initialize", true);
Found : user_pref("CT2765711.InitializeCommonPrefs", true);
Found : user_pref("CT2765711.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2765711.InstalledDate", "Sun Mar 27 2011 23:43:51 GMT-0400 (Eastern Daylight Time)");
Found : user_pref("CT2765711.InvalidateCache", false);
Found : user_pref("CT2765711.IsGrouping", false);
Found : user_pref("CT2765711.IsMulticommunity", false);
Found : user_pref("CT2765711.IsOpenThankYouPage", true);
Found : user_pref("CT2765711.IsOpenUninstallPage", true);
Found : user_pref("CT2765711.LanguagePackLastCheckTime", "Sun Sep 02 2012 16:45:04 GMT-0400 (Eastern Dayligh[...]
Found : user_pref("CT2765711.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2765711.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2765711.LastLogin_3.2.1.3", "Sun Sep 02 2012 16:45:04 GMT-0400 (Eastern Daylight Time)"[...]
Found : user_pref("CT2765711.LatestVersion", "3.14.1.0");
Found : user_pref("CT2765711.Locale", "en-us");
Found : user_pref("CT2765711.MCDetectTooltipHeight", "83");
Found : user_pref("CT2765711.MCDetectTooltipShow", false);
Found : user_pref("CT2765711.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2765711.MCDetectTooltipWidth", "295");
Found : user_pref("CT2765711.RadioIsPodcast", false);
Found : user_pref("CT2765711.RadioLastCheckTime", "Tue Jan 31 2012 09:04:41 GMT-0500 (Eastern Standard Time)[...]
Found : user_pref("CT2765711.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2765711.RadioLastUpdateServer", "3");
Found : user_pref("CT2765711.RadioMediaID", "9962");
Found : user_pref("CT2765711.RadioMediaType", "Media Player");
Found : user_pref("CT2765711.RadioMenuSelectedID", "EBRadioMenu_CT27657119962");
Found : user_pref("CT2765711.RadioStationName", "California%20Rock");
Found : user_pref("CT2765711.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2765711.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2765711.SearchBoxWidth", 138);
Found : user_pref("CT2765711.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2765711.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT276[...]
Found : user_pref("CT2765711.SearchInNewTabEnabled", true);
Found : user_pref("CT2765711.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2765711.SearchInNewTabLastCheckTime", "Sun Sep 02 2012 16:45:01 GMT-0400 (Eastern Dayli[...]
Found : user_pref("CT2765711.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2765711.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2765711.ServiceMapLastCheckTime", "Sun Sep 02 2012 16:45:01 GMT-0400 (Eastern Daylight [...]
Found : user_pref("CT2765711.SettingsLastCheckTime", "Sun Sep 02 2012 16:45:00 GMT-0400 (Eastern Daylight Ti[...]
Found : user_pref("CT2765711.SettingsLastUpdate", "1346236827");
Found : user_pref("CT2765711.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2765711.ThirdPartyComponentsLastCheck", "Sun Sep 02 2012 16:45:00 GMT-0400 (Eastern Day[...]
Found : user_pref("CT2765711.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2765711.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Found : user_pref("CT2765711.Uninstall", false);
Found : user_pref("CT2765711.UserID", "UN24486662282570515");
Found : user_pref("CT2765711.ValidationData_Search", 2);
Found : user_pref("CT2765711.ValidationData_Toolbar", 2);
Found : user_pref("CT2765711.alertChannelId", "1157832");
Found : user_pref("CT2765711.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Found : user_pref("CT2765711.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Found : user_pref("CT2765711.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Found : user_pref("CT2765711.backendstorage./9b+7e.:2z527", "247E6F727174354379453A3D2A722C757A787D312833232[...]
Found : user_pref("CT2765711.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Found : user_pref("CT2765711.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Found : user_pref("CT2765711.backendstorage./9b+7e06cg5el8:", "6E6D6F6F737273707572");
Found : user_pref("CT2765711.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737575797879767B78242F4B4947[...]
Found : user_pref("CT2765711.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Found : user_pref("CT2765711.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Found : user_pref("CT2765711.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Found : user_pref("CT2765711.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Found : user_pref("CT2765711.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Found : user_pref("CT2765711.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Found : user_pref("CT2765711.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Found : user_pref("CT2765711.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Found : user_pref("CT2765711.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Found : user_pref("CT2765711.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Found : user_pref("CT2765711.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Found : user_pref("CT2765711.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Found : user_pref("CT2765711.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Found : user_pref("CT2765711.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Found : user_pref("CT2765711.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Found : user_pref("CT2765711.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Found : user_pref("CT2765711.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Found : user_pref("CT2765711.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Found : user_pref("CT2765711.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2765711.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Found : user_pref("CT2765711.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Found : user_pref("CT2765711.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Found : user_pref("CT2765711.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Found : user_pref("CT2765711.backendstorage./9b-0?3g>d", "6A6A6B3F6C3F75437A747075472049784D7A25797D4F522A25[...]
Found : user_pref("CT2765711.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2765711.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Found : user_pref("CT2765711.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2765711.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Found : user_pref("CT2765711.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484775213F3E484F4E4D464[...]
Found : user_pref("CT2765711.backendstorage./9b5ba==9cjag", "3E6A3F6E3D3F43417A7844447B734878784D4F5120");
Found : user_pref("CT2765711.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6F737273707673777972");
Found : user_pref("CT2765711.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2765711.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2765711.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2765711.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2765711.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2765711.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2765711.backendstorage.cb_experience_000", "31");
Found : user_pref("CT2765711.backendstorage.cb_firstuse0100", "31");
Found : user_pref("CT2765711.backendstorage.cb_user_id_000", "43423537383839363039313833395F46697265666F78")[...]
Found : user_pref("CT2765711.backendstorage.cbcountry_000", "5553");
Found : user_pref("CT2765711.backendstorage.cbcountry_001", "5553");
Found : user_pref("CT2765711.backendstorage.cbfirsttime", "5765642044656320323820323031312031333A31393A31332[...]
Found : user_pref("CT2765711.backendstorage.gk_hsselite_notif_sent", "73656E74");
Found : user_pref("CT2765711.backendstorage.gk_iolo_notif2_sent", "73656E74");
Found : user_pref("CT2765711.backendstorage.gk_webroot_notif_sent", "73656E74");
Found : user_pref("CT2765711.backendstorage.hss_gk_notif_sent", "73656E74");
Found : user_pref("CT2765711.backendstorage.installationdate0.2180191645578123", "31333235303936333531343937[...]
Found : user_pref("CT2765711.backendstorage.installationdate0.2646799591156723", "31333339363632383332303736[...]
Found : user_pref("CT2765711.backendstorage.installationdate0.2690270998198123", "31333335303634393637393336[...]
Found : user_pref("CT2765711.backendstorage.installationdate0.2690291778262231", "31333136383330333135363439[...]
Found : user_pref("CT2765711.backendstorage.printitgreenstatus", "74727565");
Found : user_pref("CT2765711.backendstorage.shoppingapp.gk.exipres", "4672692053657020303720323031322031363A[...]
Found : user_pref("CT2765711.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Found : user_pref("CT2765711.backendstorage.toolbarappheartbeat", "7B223132393736363335343839303631323838342[...]
Found : user_pref("CT2765711.backendstorage.toolbarnotificationheartbeat", "7B2274797065223A2268656172746265[...]
Found : user_pref("CT2765711.backendstorage.toolbarnotificationqueue", "5B7B22617070223A302E3236343637393935[...]
Found : user_pref("CT2765711.backendstorage.toolbarnotificationsettings", "7B2273656E644E6F74696669636174696[...]
Found : user_pref("CT2765711.backendstorage.toolbarnotificationuserid", "3136313035353533363632");
Found : user_pref("CT2765711.backendstorage.url_history", "687474703A2F2F7777772E676E632E636F6D2F70726F64756[...]
Found : user_pref("CT2765711.backendstorage.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3[...]
Found : user_pref("CT2765711.backendstorage.url_history_time", "31333236303537343033373633");
Found : user_pref("CT2765711.backendstorage.welcome_dialog_displayed", "646973706C61796564");
Found : user_pref("CT2765711.components.1000034", false);
Found : user_pref("CT2765711.components.1000082", false);
Found : user_pref("CT2765711.components.1000234", false);
Found : user_pref("CT2765711.myStuffEnabled", true);
Found : user_pref("CT2765711.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2765711.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2765711.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2765711.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2765711.testingCtid", "");
Found : user_pref("CT2765711.toolbarAppMetaDataLastCheckTime", "Sun Sep 02 2012 16:45:03 GMT-0400 (Eastern D[...]
Found : user_pref("CT2765711.toolbarContextMenuLastCheckTime", "Sun Mar 27 2011 23:43:51 GMT-0400 (Eastern D[...]
Found : user_pref("CT2765711.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2765711/CT2765711[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1157832/1153519/US", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2765711", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"c912886ea3ba02[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2765711&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2765711/CT2765711[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Found : user_pref("CommunityToolbar.EngineOwner", "CT2765711");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{f0381dbd-e018-4e07-ae40-d96ab15083f0}");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "af-hss");
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2765711");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{f0381dbd-e018-4e07-ae40-d96ab15083f0}");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "af-hss");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2765711");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2765711");
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Sep 02 2012 16:44:59 GMT-0400 (Easte[...]
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Sep 02 2012 16:44:59 GMT-0400 (Eastern D[...]
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "a5ce8d29-6915-4a24-af2f-a1934459ab2c");
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2765711");
Found : user_pref("ConduitEngine.FirstServerDate", "03/28/2011 06");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Sun Mar 27 2011 23:43:49 GMT-0400 (Eastern Daylight Time)"[...]
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Jun 27 2011 21:35:53 GMT-0400 (Eastern Day[...]
Found : user_pref("ConduitEngine.LastLogin_3.2.1.3", "Mon Jun 27 2011 21:35:53 GMT-0400 (Eastern Daylight Ti[...]
Found : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jun 27 2011 21:35:48 GMT-0400 (Eastern Dayligh[...]
Found : user_pref("ConduitEngine.UserID", "UN87942782515198346");
Found : user_pref("ConduitEngine.engineLocale", "en-US");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Jun 27 2011 21:35:53 GMT-0400 (Easte[...]
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("browser.search.defaultthis.engineName", "AF-HSS Customized Web Search");
Found : user_pref("browser.startup.homepage", "hxxp://search.hotspotshield.com/g/?c=h");

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Oni\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [27585 octets] - [18/02/2013 18:22:59]

########## EOF - C:\AdwCleaner[R1].txt - [27646 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Windows Vista (TM) Home Basic x86
Ran by Oni on Mon 02/18/2013 at 18:36:49.64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services


~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{f0381dbd-e018-4e07-ae40-d96ab15083f0}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1508737220-1151108484-2550500073-1000\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1508737220-1151108484-2550500073-1000\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{d4027c7f-154a-4066-a1ad-4243d8127440}


~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\freeze.com
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\iehelperv2.5.0.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\yontooieclient.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\iehelperv250.wecarereminder
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\iehelperv250.wecarereminder.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\yontooieclient.api
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\yontooieclient.api.1
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d824f0de-3d60-4f57-9eb1-66033ecd8abb}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{d824f0de-3d60-4f57-9eb1-66033ecd8abb}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{f9e4a054-e9b1-4bc3-83a3-76a1ae736170}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{f9e4a054-e9b1-4bc3-83a3-76a1ae736170}


~~~ Files


~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"
Successfully deleted: [Folder] "C:\Users\Oni\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Oni\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Oni\appdata\locallow\whitesmoketoolbar"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Program Files\whitesmoketoolbar"


~~~ FireFox

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\bing-zugo.xml"
Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\websearch.xml"
Successfully deleted: [File] C:\Users\Oni\AppData\Roaming\mozilla\firefox\profiles\z4yq8eld.default\searchplugins\conduit.xml
Successfully deleted: [Folder] C:\Users\Oni\AppData\Roaming\mozilla\firefox\profiles\z4yq8eld.default\extensions\wecarereminder@bryan
Successfully deleted the following from C:\Users\Oni\AppData\Roaming\mozilla\firefox\profiles\z4yq8eld.default\prefs.js

user_pref("CT2765711..clientLogIsEnabled", false);
user_pref("CT2765711..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2765711..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2765711.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2765711.CTID", "CT2765711");
user_pref("CT2765711.Chat.Meebo.ServerLastCheckTime", "Sun Sep 25 2011 06:08:46 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.Chat.Meebo.ServerLastResponseTime", "Sun Sep 25 2011 06:08:46 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.Chat.Meebo.rooms.2030dff2c5edb1", 0);
user_pref("CT2765711.Chat.Meebo.rooms.30plusa87dca4f", 0);
user_pref("CT2765711.Chat.Meebo.rooms.communitychat7d6a306c", 0);
user_pref("CT2765711.Chat.Meebo.rooms.entertainmentc0ed09fb", 0);
user_pref("CT2765711.Chat.Meebo.rooms.health3693b665", 0);
user_pref("CT2765711.Chat.Meebo.rooms.musicj375cf270", 2);
user_pref("CT2765711.Chat.Meebo.rooms.newsxu117b840d", 3);
user_pref("CT2765711.Chat.Meebo.rooms.recreationab17d1f9", 0);
user_pref("CT2765711.Chat.Meebo.rooms.spirituality39155c53", 0);
user_pref("CT2765711.Chat.Meebo.rooms.sports522528d3", 4);
user_pref("CT2765711.Chat.Meebo.rooms.technology8bb9fd5b", 1);
user_pref("CT2765711.Chat.Meebo.rooms.teenagers833b8249", 0);
user_pref("CT2765711.Chat.Meebo.rooms.travel8c2e48db", 0);
user_pref("CT2765711.Chat.Meebo.rooms.videogames2fe066e0", 0);
user_pref("CT2765711.Chat.ServerLastCheckTime", "Sun Sep 25 2011 01:55:06 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.CurrentServerDate", "2-9-2012");
user_pref("CT2765711.DialogsAlignMode", "LTR");
user_pref("CT2765711.DownloadReferralCookieData", "");
user_pref("CT2765711.FirstServerDate", "28-3-2011");
user_pref("CT2765711.FirstTime", true);
user_pref("CT2765711.FirstTimeFF3", true);
user_pref("CT2765711.FixPageNotFoundErrors", false);
user_pref("CT2765711.GroupingServerCheckInterval", 1440);
user_pref("CT2765711.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2765711.HasUserGlobalKeys", true);
user_pref("CT2765711.Initialize", true);
user_pref("CT2765711.InitializeCommonPrefs", true);
user_pref("CT2765711.InstallationAndCookieDataSentCount", 3);
user_pref("CT2765711.InstalledDate", "Sun Mar 27 2011 23:43:51 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.InvalidateCache", false);
user_pref("CT2765711.IsGrouping", false);
user_pref("CT2765711.IsMulticommunity", false);
user_pref("CT2765711.IsOpenThankYouPage", true);
user_pref("CT2765711.IsOpenUninstallPage", true);
user_pref("CT2765711.LanguagePackLastCheckTime", "Sun Sep 02 2012 16:45:04 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2765711.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2765711.LastLogin_3.2.1.3", "Sun Sep 02 2012 16:45:04 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.LatestVersion", "3.14.1.0");
user_pref("CT2765711.Locale", "en-us");
user_pref("CT2765711.MCDetectTooltipHeight", "83");
user_pref("CT2765711.MCDetectTooltipShow", false);
user_pref("CT2765711.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2765711.MCDetectTooltipWidth", "295");
user_pref("CT2765711.RadioIsPodcast", false);
user_pref("CT2765711.RadioLastCheckTime", "Tue Jan 31 2012 09:04:41 GMT-0500 (Eastern Standard Time)");
user_pref("CT2765711.RadioLastUpdateIPServer", "3");
user_pref("CT2765711.RadioLastUpdateServer", "3");
user_pref("CT2765711.RadioMediaID", "9962");
user_pref("CT2765711.RadioMediaType", "Media Player");
user_pref("CT2765711.RadioMenuSelectedID", "EBRadioMenu_CT27657119962");
user_pref("CT2765711.RadioStationName", "California%20Rock");
user_pref("CT2765711.RadioStationURL", "hxxp://feedlive.net/california.asx");
user_pref("CT2765711.SHRINK_TOOLBAR", 1);
user_pref("CT2765711.SearchBoxWidth", 138);
user_pref("CT2765711.SearchFromAddressBarIsInit", true);
user_pref("CT2765711.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2765711&q=");
user_pref("CT2765711.SearchInNewTabEnabled", true);
user_pref("CT2765711.SearchInNewTabIntervalMM", 1440);
user_pref("CT2765711.SearchInNewTabLastCheckTime", "Sun Sep 02 2012 16:45:01 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2765711.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
user_pref("CT2765711.ServiceMapLastCheckTime", "Sun Sep 02 2012 16:45:01 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.SettingsLastCheckTime", "Sun Sep 02 2012 16:45:00 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.SettingsLastUpdate", "1346236827");
user_pref("CT2765711.ThirdPartyComponentsInterval", 504);
user_pref("CT2765711.ThirdPartyComponentsLastCheck", "Sun Sep 02 2012 16:45:00 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT2765711.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
user_pref("CT2765711.Uninstall", false);
user_pref("CT2765711.UserID", "UN24486662282570515");
user_pref("CT2765711.ValidationData_Search", 2);
user_pref("CT2765711.ValidationData_Toolbar", 2);
user_pref("CT2765711.alertChannelId", "1157832");
user_pref("CT2765711.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D474549484C5952594B335E5356432C45333438334A414C546660576364676F6A5E4B766B6E5B
user_pref("CT2765711.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A454E59505B57676A66426D62455E69543D56444643465B
user_pref("CT2765711.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462B554A4D4B4749594D33535D4F432C45333439344A414C565B5E6C656E706C7164736D4D786D
user_pref("CT2765711.backendstorage./9b+7e.:2z527", "247E6F727174354379453A3D2A722C757A787D31283323242B4953542E594E513E27402A2B3230453C47323B3C5564606A436E6366533C553F4447445A
user_pref("CT2765711.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F564654524C474A595A4851505E51523964595C49324B393C3B3E5047525D6C6A6B6F786D6850
user_pref("CT2765711.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C4343534E2D585B3C253E2C302E34433A45515862695E675A416C6164513A5341454348584F5A66
user_pref("CT2765711.backendstorage./9b+7e06cg5el8:", "6E6D6F6F737273707572");
user_pref("CT2765711.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737575797879767B78242F4B49474F42357D5D5C3D");
user_pref("CT2765711.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E41295547484D515A4E5A59325D5255422B443237303749404B585E685E706E6E6674626E696B4D786D
user_pref("CT2765711.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473E454745482F5A4F523F2841302D2F33463D48566265685C6B675F6D70604873686B58415A49
user_pref("CT2765711.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D3229344356554E472E594E51325E4F412A4335373231483F4A59655F5F626C5B717369756975744D786D
user_pref("CT2765711.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352C37474B59574B4A4858584E5E3762573A535E49324B3A3D3F3B504752626C625D75786D766A
user_pref("CT2765711.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426D6265523B544346494A59505B
user_pref("CT2765711.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D49564A50592E594E314A55402942322E332F473E495B5D595A6A5E58707262674974696C59425B
user_pref("CT2765711.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B364953545259585A5A50524E36615659462F4838353D3C4D444F626C6D6B72716A77614D786D
user_pref("CT2765711.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A312833474745445159575B504B504B4D5E545553533A655A5D4A334C3C3B3A395148536775636367757567
user_pref("CT2765711.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E782332293449565540472E594E513E274030323533453C475C5558636A656E625E6C616B7068734B766B6E5B
user_pref("CT2765711.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4F44504C4754585C5048345F5457442D46373135344B424D636B5D5F5F73696B4A756A6D5A43
user_pref("CT2765711.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A30273249485545442C574C4F3C253E2F2A2D2D433A455C67555B5E3F6A5F624F3851423D403F564D586F7A68
user_pref("CT2765711.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354D462C574C4F3C253E2F2B2B31433A455D6356575C5C5A416C6164513A5344404045584F5A72
user_pref("CT2765711.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352C37502E4F4747315C5154412A4334313738483F4A635F5A6A645E625A4772676A5740594A47
user_pref("CT2765711.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B36505459574C554F515B345F5457442D46373637384B424D676B706E606F61666B63664D786D
user_pref("CT2765711.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A35504F5346482F5A4F523F28413233342F463D48635C5D66626A436E6366533C55464748425A51
user_pref("CT2765711.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3652504C5249555256525C35605558452E47383B38364C434E6A706F5F65635D736F67757868
user_pref("CT2765711.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2A554A2D46513C253E302B332C433A45626756516259655F5F436E63465F6A553E5749444C44
user_pref("CT2765711.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A52404548564F58315C5154412A4335342F37483F4A68646B645D5E626462616D6971726B6C78
user_pref("CT2765711.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");
user_pref("CT2765711.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352C37565949484E4F51525C4E4C55535B54605A5A3E695E614E37503B3D41544B567575656D73
user_pref("CT2765711.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E3128335351565551575A4F584C5E335E5356432C4534383649404B6B59566C686B46716669563F58474B48
user_pref("CT2765711.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C484A2C574C2F48533E27403233433A45665B68505C5E406B6E4F38514343544B56776C79616D
user_pref("CT2765711.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215642542D584D503D263F2D2E2E2E443B4635645E6669595C6062686F5C7363716F696467764F
user_pref("CT2765711.backendstorage./9b-0?3g>d", "6A6A6B3F6C3F75437A747075472049784D7A25797D4F522A25295856242C2A59592C602B");
user_pref("CT2765711.backendstorage./9b-0?3g@6:5;", "");
user_pref("CT2765711.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
user_pref("CT2765711.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232C2F30313237425C6453685A64536C56685C5C676264523B6F756B65745D
user_pref("CT2765711.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
user_pref("CT2765711.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484775213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
user_pref("CT2765711.backendstorage./9b5ba==9cjag", "3E6A3F6E3D3F43417A7844447B734878784D4F5120");
user_pref("CT2765711.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6F737273707673777972");
user_pref("CT2765711.backendstorage./9b9643g3/9e", "6A");
user_pref("CT2765711.backendstorage./9b<:222h64<", "393F352F3E");
user_pref("CT2765711.backendstorage./9b=+03eh8h8j?:", "4443");
user_pref("CT2765711.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("CT2765711.backendstorage./9b?b0d:8aj62<h", "6D");
user_pref("CT2765711.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
user_pref("CT2765711.backendstorage.cb_experience_000", "31");
user_pref("CT2765711.backendstorage.cb_firstuse0100", "31");
user_pref("CT2765711.backendstorage.cb_user_id_000", "43423537383839363039313833395F46697265666F78");
user_pref("CT2765711.backendstorage.cbcountry_000", "5553");
user_pref("CT2765711.backendstorage.cbcountry_001", "5553");
user_pref("CT2765711.backendstorage.cbfirsttime", "5765642044656320323820323031312031333A31393A313320474D542D3035303020284561737465726E205374616E646172642054696D6529");
user_pref("CT2765711.backendstorage.gk_hsselite_notif_sent", "73656E74");
user_pref("CT2765711.backendstorage.gk_iolo_notif2_sent", "73656E74");
user_pref("CT2765711.backendstorage.gk_webroot_notif_sent", "73656E74");
user_pref("CT2765711.backendstorage.hss_gk_notif_sent", "73656E74");
user_pref("CT2765711.backendstorage.installationdate0.2180191645578123", "31333235303936333531343937");
user_pref("CT2765711.backendstorage.installationdate0.2646799591156723", "31333339363632383332303736");
user_pref("CT2765711.backendstorage.installationdate0.2690270998198123", "31333335303634393637393336");
user_pref("CT2765711.backendstorage.installationdate0.2690291778262231", "31333136383330333135363439");
user_pref("CT2765711.backendstorage.printitgreenstatus", "74727565");
user_pref("CT2765711.backendstorage.shoppingapp.gk.exipres", "4672692053657020303720323031322031363A34353A313620474D542D3034303020284561737465726E204461796C696768742054696D652
user_pref("CT2765711.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
user_pref("CT2765711.backendstorage.toolbarappheartbeat", "7B22313239373636333534383930363132383834223A313333393636323833323036317D");
user_pref("CT2765711.backendstorage.toolbarnotificationheartbeat", "7B2274797065223A22686561727462656174222C2274696D65223A313333393636333438383433312C2275726C223A2268747470733
user_pref("CT2765711.backendstorage.toolbarnotificationqueue", "5B7B22617070223A302E323634363739393539313135363732332C2261726773223A7B226964223A302E323634363739393539313135363
user_pref("CT2765711.backendstorage.toolbarnotificationsettings", "7B2273656E644E6F74696669636174696F6E73223A7B22616C6C223A747275652C2261707073223A7B22302E32363930323931373738
user_pref("CT2765711.backendstorage.toolbarnotificationuserid", "3136313035353533363632");
user_pref("CT2765711.backendstorage.url_history", "687474703A2F2F7777772E676E632E636F6D2F70726F647563742F696E6465782E6A73703F70726F6475637449643D31313439393836322663703D333539
user_pref("CT2765711.backendstorage.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A313333393636333932363833382C2C2C68747470
user_pref("CT2765711.backendstorage.url_history_time", "31333236303537343033373633");
user_pref("CT2765711.backendstorage.welcome_dialog_displayed", "646973706C61796564");
user_pref("CT2765711.components.1000034", false);
user_pref("CT2765711.components.1000082", false);
user_pref("CT2765711.components.1000234", false);
user_pref("CT2765711.myStuffEnabled", true);
user_pref("CT2765711.myStuffPublihserMinWidth", 400);
user_pref("CT2765711.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2765711.myStuffServiceIntervalMM", 1440);
user_pref("CT2765711.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2765711.testingCtid", "");
user_pref("CT2765711.toolbarAppMetaDataLastCheckTime", "Sun Sep 02 2012 16:45:03 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.toolbarContextMenuLastCheckTime", "Sun Mar 27 2011 23:43:51 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2765711.usagesFlag", 2);
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2765711/CT2765711", "\"3c0dfcc67fcf730e92b5ed03c477c1852\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1157832/1153519/US", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2765711", "\"1323697829\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "L+tncv4eqt6Qm5T3dzChdA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "QmycQXJXVyFVAzIiNllWhQ==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"c912886ea3ba021d3a9ef2d6ad700899\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2765711&octid=CT2765711", "\"1322149503\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2765711/CT2765711", "\"1316671580\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer_dead.gif", "\"0a8c48d3330c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.gif", "\"0e2106f3030c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif", "\"0f475394430c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif", "\"08d9ef44430c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif", "\"066e8863030c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"42a238c571d281fb3cd99a6a8f620954\"");
user_pref("CommunityToolbar.EngineOwner", "CT2765711");
user_pref("CommunityToolbar.EngineOwnerGuid", "{f0381dbd-e018-4e07-ae40-d96ab15083f0}");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "af-hss");
user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_ext_msg_key_22210766", "356x332");
user_pref("CommunityToolbar.OriginalEngineOwner", "CT2765711");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{f0381dbd-e018-4e07-ae40-d96ab15083f0}");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "af-hss");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2765711");
user_pref("CommunityToolbar.ToolbarsList2", "CT2765711");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Sep 02 2012 16:44:59 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Sep 02 2012 16:44:59 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "a5ce8d29-6915-4a24-af2f-a1934459ab2c");
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2765711");
user_pref("ConduitEngine.FirstServerDate", "03/28/2011 06");
user_pref("ConduitEngine.FirstTime", true);
user_pref("ConduitEngine.FirstTimeFF3", true);
user_pref("ConduitEngine.HasUserGlobalKeys", true);
user_pref("ConduitEngine.Initialize", true);
user_pref("ConduitEngine.InitializeCommonPrefs", true);
user_pref("ConduitEngine.InstalledDate", "Sun Mar 27 2011 23:43:49 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.IsMulticommunity", false);
user_pref("ConduitEngine.IsOpenThankYouPage", false);
user_pref("ConduitEngine.IsOpenUninstallPage", true);
user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Jun 27 2011 21:35:53 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.LastLogin_3.2.1.3", "Mon Jun 27 2011 21:35:53 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.PublisherContainerWidth", 0);
user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jun 27 2011 21:35:48 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.UserID", "UN87942782515198346");
user_pref("ConduitEngine.engineLocale", "en-US");
user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Jun 27 2011 21:35:53 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.initDone", true);
user_pref("browser.search.defaultthis.engineName", "AF-HSS Customized Web Search");
user_pref("browser.startup.homepage", "hxxp://search.hotspotshield.com/g/?c=h");
user_pref("extentions.y2layers.installId", "d9406a3e-c3df-4213-a3b3-cc198456737b");


~~~ Chrome

Dumping contents of C:\Users\Oni\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\Oni\appdata\local\Google\Chrome\User Data\Default\Default\aadigfdidjdhgdgcdfgddgdidededagd
C:\Users\Oni\appdata\local\Google\Chrome\User Data\Default\Default\aadigfdidjdhgdgcdfgddgdidededagd\ContentScript.js
C:\Users\Oni\appdata\local\Google\Chrome\User Data\Default\Default\aadigfdidjdhgdgcdfgddgdidededagd\manifest.json

Successfully deleted: [Folder] C:\Users\Oni\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\niapdbllcanepiiimjjndipklodoedlc


~~~ Event Viewer Logs were cleared


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 02/18/2013 at 18:44:11.95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/18/2013 06:47:47 PM in x86 mode.
Windows Version: Windows Vista (TM) Home Basic Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!
  * HKCU\SOFTWARE\Classes\.bat "@" exists and is set to batfile!
  * HKCU\SOFTWARE\Classes\.bat has been deleted!
  * HKCU\SOFTWARE\Classes\.com "@" exists and is set to comfile!
  * HKCU\SOFTWARE\Classes\.com has been deleted!

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

 * msiserver => %systemroot%\system32\msiexec.exe /V [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 02/18/2013 06:48:09 PM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"	""	""	""
+ "rdpclip"	""	""	"File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "00TCrdMain"	"TOSHIBA Flash Cards"	"TOSHIBA Corporation"	"c:\program files\toshiba\flashcards\tcrdmain.exe"
+ "Adobe ARM"	"Adobe Reader and Acrobat Manager"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon"	"Apple Push"	"Apple Inc."	"c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_TRAY"	"AVG Tray Monitor"	"AVG Technologies CZ, s.r.o."	"c:\program files\avg\avg10\avgtray.exe"
+ "Dell V505 Fax Server"	"Fax Man Server"	""	"c:\program files\dell v505\fm3032.exe"
+ "dldwamon"	""	""	"c:\program files\dell v505\dldwamon.exe"
+ "dldwmon.exe"	"Printer Device Monitor"	""	"c:\program files\dell v505\dldwmon.exe"
+ "GrooveMonitor"	"GrooveMonitor Utility"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\groovemonitor.exe"
+ "HotKeysCmds"	"hkcmd Module"	"Intel Corporation"	"c:\windows\system32\hkcmd.exe"
+ "iTunesHelper"	"iTunesHelper"	"Apple Inc."	"c:\program files\itunes\ituneshelper.exe"
+ "Persistence"	"persistence Module"	"Intel Corporation"	"c:\windows\system32\igfxpers.exe"
+ "PWRISOVM.EXE"	"PowerISO Virtual Drive Manager"	"PowerISO Computing, Inc."	"c:\program files\poweriso\pwrisovm.exe"
+ "QuickTime Task"	"QuickTime Task"	"Apple Inc."	"c:\program files\quicktime\qttask.exe"
+ "RtHDVCpl"	"HD Audio Control Panel"	"Realtek Semiconductor"	"c:\windows\rthdvcpl.exe"
+ "SynTPEnh"	"Synaptics TouchPad Enhancements"	"Synaptics, Inc."	"c:\program files\synaptics\syntp\syntpenh.exe"
+ "TPwrMain"	"TOSHIBA Power Saver"	"TOSHIBA Corporation"	"c:\program files\toshiba\power saver\tpwrmain.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "SafeConnect.lnk"	"SafeConnect Client"	"Impulse Point, LLC"	"c:\program files\safeconnect\scclient.exe"
"C:\Users\Oni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "Dropbox.lnk"	"Dropbox"	"Dropbox, Inc."	"c:\users\oni\appdata\roaming\dropbox\bin\dropbox.exe"
+ "OneNote 2007 Screen Clipper and Launcher.lnk"	"Microsoft Office OneNote Quick Launcher"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows Mail 7"	"Windows Mail"	"Microsoft Corporation"	"c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Google Update"	"Google Installer"	"Google Inc."	"c:\users\oni\appdata\local\google\update\googleupdate.exe"
+ "Pando Media Booster"	"Pando Media Booster"	""	"c:\program files\pando networks\media booster\pmb.exe"
+ "Skype"	"Skype "	"Skype Technologies S.A."	"c:\program files\skype\phone\skype.exe"
+ "Spotify Web Helper"	"SpotifyWebHelper"	"Spotify Ltd"	"c:\users\oni\appdata\roaming\spotify\data\spotifywebhelper.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"	""	""	""
+ "text/xml"	"Microsoft Office XML MIME Filter"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"	""	""	""
+ "grooveLocalGWS"	"GrooveSystemServices Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\groovesystemservices.dll"
+ "linkscanner"	"Safe Search pluggable protocol"	"AVG Technologies CZ, s.r.o."	"c:\program files\avg\avg10\avgpp.dll"
+ "ms-help"	"Microsoft® Help Data Services Module"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\help\hxds.dll"
+ "ms-itss"	"Microsoft® InfoTech Storage System Library"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "skype-ie-addon-data"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com"	"Skype for COM API"	"Skype Technologies"	"c:\program files\common files\skype\skype4com.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"	""	""	""
+ "Groove GFS Stub Execution Hook"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\oni\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "AVG9 Shell Extension"	"AVG Shell Extension"	"AVG Technologies CZ, s.r.o."	"c:\program files\avg\avg10\avgse.dll"
+ "PowerISO"	"PowerISOShell DLL"	"PowerISO Computing, Inc."	"c:\program files\poweriso\pwrisosh.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"	""	""	""
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\oni\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "PowerISO"	"PowerISOShell DLL"	"PowerISO Computing, Inc."	"c:\program files\poweriso\pwrisosh.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\oni\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "igfxcui"	"igfxpph Module"	"Intel Corporation"	"c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"	""	""	""
+ "PDF Shell Extension"	"PDF Shell Extension"	"Adobe Systems, Inc."	"c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "AVG9 Shell Extension"	"AVG Shell Extension"	"AVG Technologies CZ, s.r.o."	"c:\program files\avg\avg10\avgse.dll"
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO"	"PowerISOShell DLL"	"PowerISO Computing, Inc."	"c:\program files\poweriso\pwrisosh.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "DropboxExt1"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\oni\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\oni\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\oni\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt4"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\oni\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Adobe PDF Link Helper"	"Adobe PDF Helper for Internet Explorer"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Safe Search"	"Safe Search for Internet Explorer"	"AVG Technologies CZ, s.r.o."	"c:\program files\avg\avg10\avgssie.dll"
+ "Groove GFS Browser Helper"	"GrooveShellExtensions Module"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Sun Microsystems, Inc."	"c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Skype Browser Helper"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "S&end to OneNote"	"Microsoft Office OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\onbttnie.dll"
+ "Skype Click to Call"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler"	""	""	""
+ "\Adobe Flash Player Updater"	"Adobe® Flash® Player Update Service 11.5 r502"	"Adobe Systems Incorporated"	"c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate"	"Apple Software Update"	"Apple Inc."	"c:\program files\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore"	"Google Installer"	"Google Inc."	"c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA"	"Google Installer"	"Google Inc."	"c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1508737220-1151108484-2550500073-1000Core"	"Google Installer"	"Google Inc."	"c:\users\oni\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1508737220-1151108484-2550500073-1000UA"	"Google Installer"	"Google Inc."	"c:\users\oni\appdata\local\google\update\googleupdate.exe"
+ "\Installation App Launcher"	""	""	"c:\program files\dell v505\dldwamon.exe"
+ "\Microsoft\Windows\WindowsCalendar\Reminders - Oni"	"Windows Calendar"	"Microsoft Corporation"	"c:\program files\windows calendar\wincal.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo"	""	""	"c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo"	""	""	"c:\windows\system32\gatherwirelessinfo.vbs"
+ "\ROC_REG_JAN_DELETE"	""	""	"c:\programdata\avg january 2013 campaign\roc.exe"
+ "\{8BAB8E71-854F-4718-8E73-E422FF8DE45D}"	"Skype "	"Skype Technologies S.A."	"c:\program files\skype\phone\skype.exe"
+ "\{D5AC6903-0B38-4DBF-B280-BB863F341CD6}"	"Skype "	"Skype Technologies S.A."	"c:\program files\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "AdobeARMservice"	"Adobe Acrobat Updater keeps your Adobe software up to date."	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"	"This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."	"Adobe Systems Incorporated"	"c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device"	"Provides the interface to Apple mobile devices."	"Apple Inc."	"c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent"	"Provides Identity Protection Against Cyber Crime."	"AVG Technologies CZ, s.r.o."	"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe"
+ "avgwd"	"AVG Watchdog Service"	"AVG Technologies CZ, s.r.o."	"c:\program files\avg\avg10\avgwdsvc.exe"
+ "Bonjour Service"	"Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."	"Apple Inc."	"c:\program files\bonjour\mdnsresponder.exe"
+ "ConfigFree Service"	"You can't stop this service, if you want to keep ConfigFree functionality fine."	"TOSHIBA CORPORATION"	"c:\program files\toshiba\configfree\cfsvcs.exe"
+ "dldw_device"	"Printer Communication System"	" "	"c:\windows\system32\dldwcoms.exe"
+ "dldwCATSCustConnectService"	"Service Executable"	""	"c:\windows\system32\spool\drivers\w32x86\3\dldwserv.exe"
+ "GameConsoleService"	"GameConsole management services"	"WildTangent, Inc."	"c:\program files\toshiba games\toshiba game console\gameconsoleservice.exe"
+ "gupdate"	"Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."	"Google Inc."	"c:\program files\google\update\googleupdate.exe"
+ "gupdatem"	"Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."	"Google Inc."	"c:\program files\google\update\googleupdate.exe"
+ "gusvc"	"Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work."	"Google"	"c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "hshld"	""	""	"c:\program files\hotspot shield\bin\openvpnas.exe"
+ "HssSrv"	""	"AnchorFree Inc."	"c:\program files\hotspot shield\hsswpr\hsssrv.exe"
+ "HssTrayService"	""	""	"c:\program files\hotspot shield\bin\hsstrayservice.exe"
+ "HssWd"	""	""	"c:\program files\hotspot shield\bin\hsswd.exe"
+ "IAANTMON"	"RAID Monitor"	"Intel Corporation"	"c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "IDriverT"	"Provides support for the Running Object Table for InstallShield Drivers"	"Macrovision Corporation"	"c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe"
+ "iPod Service"	"iPod hardware management services"	"Apple Inc."	"c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler"	"Malwarebytes Anti-Malware scheduler"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"	"Malwarebytes Anti-Malware service"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft Office Groove Audit Service"	"Groove Audit Service"	"Microsoft Corporation"	"c:\program files\microsoft office\office12\grooveauditservice.exe"
+ "odserv"	"Run portions of Microsoft Office Diagnostics."	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose"	"Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "SCManager"	"SafeConnect Service"	"Impulse Point, LLC"	"c:\program files\safeconnect\scmanager.sys"
+ "SkypeUpdate"	"Enables the detection, download and installation of updates for Skype."	"Skype Technologies"	"c:\program files\skype\updater\updater.exe"
+ "TMachInfo"	"TOSHIBA Machine Information Service"	"TOSHIBA Corporation"	"c:\program files\toshiba\toshiba service station\tmachinfo.exe"
+ "TNaviSrv"	"TOSHIBA Navi Support Service"	"TOSHIBA Corporation"	"c:\program files\toshiba\toshiba dvd player\tnavisrv.exe"
+ "TODDSrv"	"TDCSrv Application"	"TOSHIBA Corporation"	"c:\windows\system32\toddsrv.exe"
+ "TosCoSrv"	"TOSHIBA Power Saver manages power saving settings supported by TOSHIBA. These settings will not work if the service has stopped."	"TOSHIBA Corporation"	"c:\program files\toshiba\power saver\toscosrv.exe"
+ "TOSHIBA SMART Log Service"	"TosIPCSrv.exe"	"TOSHIBA Corporation"	"c:\program files\toshiba\smartlogservice\tosipcsrv.exe"
+ "UleadBurningHelper"	"ULCDRSvr"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe"
+ "WinDefend"	"Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions."	"Microsoft Corporation"	"c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc"	"Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService"	"Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements."	"Yahoo! Inc."	"c:\program files\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "AgereSoftModem"	"SoftModem Device Driver"	"Agere Systems"	"c:\windows\system32\drivers\agrsm.sys"
+ "AVGIDSDriver"	"AVG Technologies IDS Application Activity Monitor Driver"	"AVG Technologies CZ, s.r.o. "	"c:\windows\system32\drivers\avgidsdriver.sys"
+ "AVGIDSEH"	"AVG Technologies IDS Application Activity Monitor Helper Driver"	"AVG Technologies CZ, s.r.o. "	"c:\windows\system32\drivers\avgidseh.sys"
+ "AVGIDSFilter"	"AVG Technologies IDS Application Activity Monitor Filter Driver"	"AVG Technologies CZ, s.r.o. "	"c:\windows\system32\drivers\avgidsfilter.sys"
+ "AVGIDSShim"	"AVG Technologies IDS Application Activity Monitor Shim Loader Driver"	"AVG Technologies CZ, s.r.o. "	"c:\windows\system32\drivers\avgidsshim.sys"
+ "Avgldx86"	"AVG AVI Loader Driver"	"AVG Technologies CZ, s.r.o."	"c:\windows\system32\drivers\avgldx86.sys"
+ "Avgmfx86"	"AVG Resident Shield Minifilter Driver"	"AVG Technologies CZ, s.r.o."	"c:\windows\system32\drivers\avgmfx86.sys"
+ "Avgrkx86"	"AVG Anti-Rootkit Driver"	"AVG Technologies CZ, s.r.o."	"c:\windows\system32\drivers\avgrkx86.sys"
+ "Avgtdix"	"AVG Network connection watcher"	"AVG Technologies CZ, s.r.o."	"c:\windows\system32\drivers\avgtdix.sys"
+ "BrFiltLo"	"Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"	"Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer"	"Brother USB Serial Driver"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbser.sys"
+ "E1G60"	"Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver"	"Intel Corporation"	"c:\windows\system32\drivers\e1g60i32.sys"
+ "FwLnk"	"TOSHIBA Firmware Linkage 32-bit Driver"	"TOSHIBA Corporation"	"c:\windows\system32\drivers\fwlnk.sys"
+ "GEARAspiWDM"	"CD DVD Filter"	"GEAR Software Inc."	"c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HssDrv"	"Hotspot Shield Routing Driver"	"AnchorFree Inc."	"c:\windows\system32\drivers\hssdrv.sys"
+ "iaStor"	"Intel Matrix Storage Manager driver - ia32"	"Intel Corporation"	"c:\windows\system32\drivers\iastor.sys"
+ "igfx"	"Intel Graphics Kernel Mode Driver"	"Intel Corporation"	"c:\windows\system32\drivers\igdkmd32.sys"
+ "IntcAzAudAddService"	"Realtek(r) High Definition Audio Function Driver"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtkvhda.sys"
+ "IO_Memory"	""	""	"File not found: C:\Windows\System32\Drivers\IO_Memory.sys"
+ "IpInIp"	"IP in IP Tunnel Driver"	""	"File not found: C:\Windows\System32\Drivers\IpInIp.sys"
+ "LVUVC"	""	""	"File not found: system32\DRIVERS\lvuvc.sys"
+ "MBAMProtector"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\windows\system32\drivers\mbam.sys"
+ "NwlnkFlt"	"IPX Traffic Filter Driver"	""	"File not found: C:\Windows\System32\Drivers\NwlnkFlt.sys"
+ "NwlnkFwd"	"IPX Traffic Forwarder Driver"	""	"File not found: C:\Windows\System32\Drivers\NwlnkFwd.sys"
+ "PxHelp20"	"Px Engine Device Driver for Windows 2000/XP"	"Sonic Solutions"	"c:\windows\system32\drivers\pxhelp20.sys"
+ "RTL8169"	"Realtek 8101E/8168/8169 NDIS6 32-bit Driver                    "	"Realtek Corporation                                            "	"c:\windows\system32\drivers\rtlh86.sys"
+ "RTL8187B"	"Realtek RTL8187B NDIS Driver"	"Realtek Semiconductor Corporation                           "	"c:\windows\system32\drivers\rtl8187b.sys"
+ "RtlProt"	"Realtke RtlProt WLAN Utility Protocol Driver"	"Windows (R) Codename Longhorn DDK provider"	"c:\windows\system32\drivers\rtlprot.sys"
+ "RTSTOR"	"Realtek USB Mass Storage Driver for Vista"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtstor.sys"
+ "SCDEmu"	"PowerISO Virtual Drive"	"PowerISO Computing, Inc."	"c:\windows\system32\drivers\scdemu.sys"
+ "secdrv"	"Macrovision SECURITY Driver"	"Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."	"c:\windows\system32\drivers\secdrv.sys"
+ "SVRPEDRV"	"Inventec Preinstall Environment Service"	"Inventec Corporation"	"c:\windows\system32\sysprep\pedrv.sys"
+ "SynTP"	"Synaptics Touchpad Driver"	"Synaptics, Inc."	"c:\windows\system32\drivers\syntp.sys"
+ "taphss"	"TAP-Win32 Virtual Network Driver"	"AnchorFree Inc"	"c:\windows\system32\drivers\taphss.sys"
+ "tdcmdpst"	"TOSHIBA ODD Writing Driver for x86."	"TOSHIBA Corporation."	"c:\windows\system32\drivers\tdcmdpst.sys"
+ "tos_sps32"	"tos_sps2"	"TOSHIBA Corporation"	"c:\windows\system32\drivers\tos_sps32.sys"
+ "TVALZ"	"TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver"	"TOSHIBA Corporation"	"c:\windows\system32\drivers\tvalz_o.sys"
+ "USBAAPL"	"Apple Mobile Device USB Driver"	"Apple, Inc."	"c:\windows\system32\drivers\usbaapl.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.dvacm"	"Ulead DV Audio ACM Driver"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\vio\dvacm.acm"
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codeca.acm"
+ "msacm.vorbis"	"Ogg Vorbis CODEC for MSACM"	"HMS http://hp.vector.co.jp/authors/VA012897/"	"c:\windows\system32\vorbis.acm"
+ "vidc.cvid"	"Cinepak® Codec"	"Radius Inc."	"c:\windows\system32\iccvid.dll"
+ "vidc.i420"	""	""	"File not found: lvcodec2.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "9x8Resize"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "AAC Encoder"	"AACEnc"	"InterVider"	"c:\program files\intervideo\common\bin\aacenc.ax"
+ "Allocator Fix"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "Audio Source"	"Windows Media Preview Object"	"Microsoft Corporation"	"c:\program files\windows media components\encoder\wmprevu.dll"
+ "Bitmap"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "Dib Output"	""	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\filters\diboutput.ax"
+ "Dib Receive"	""	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\filters\dibreceive.ax"
+ "DV ACM V/A Source Filter"	""	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\filters\dvsf.ax"
+ "DV V/A Source Filter"	""	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\filters\dvsf.ax"
+ "DV Video Source Filter"	""	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\filters\dvsf.ax"
+ "Frame Eater"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "Intervideo 3gFileSource"	"Intervideo 3G File Source Filter"	"Microsoft Corporation"	"c:\program files\intervideo\common\bin\source3g.ax"
+ "Intervideo 3gFileWrite"	"Intervideo 3G File Write Filter"	"Microsoft Corporation"	"c:\program files\intervideo\common\bin\write3g.ax"
+ "InterVideo AAC (XForm) Decoder"	"InterVideo AAC Decoder"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\iviaacdec.ax"
+ "Intervideo AMR Decoder"	"IVI AMR Decoding"	"Intervideo, Inc."	"c:\program files\intervideo\common\bin\amrdec.ax"
+ "Intervideo AMR Encoder"	"IVI AMR Encoding"	"Intervideo, Inc."	"c:\program files\intervideo\common\bin\amrenc.ax"
+ "InterVideo Audio Encoder"	"InterVideo?Audio Encoder Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\iviaenc.ax"
+ "InterVideo Demux"	"InterVideo® MPEG System Demultiplexer Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\ividemxx.ax"
+ "InterVideo Down Scale Filter"	"InterVideo® Down Scale Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\ividowns.ax"
+ "InterVideo DV Pre-Process"	"InterVideo DV Pre-Process Filter"	"InterVideo"	"c:\program files\intervideo\common\bin\dvprocs.ax"
+ "InterVideo DVB DSM-CC Filter"	"InterVideo DVB DSM-CC Decoder"	"InterVideo, Inc."	"c:\program files\intervideo\common\bin\dvbdsmcc.ax"
+ "InterVideo DVB Subpicture Filter"	"InterVideo DVB Subtitle Decoder"	"InterVideo, Inc."	"c:\program files\intervideo\common\bin\dvbspic.ax"
+ "InterVideo File Writer"	"InterVideo® File Writer Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\iviwrite.ax"
+ "InterVideo MPEG4 Video Decoder"	"InterVideo® MPEG4 Video Decoder Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\mp4vdec.ax"
+ "InterVideo MPEG4 Video Encoder"	"InterVideo® MPEG4 Video Encoder Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\mp4venc.ax"
+ "InterVideo Multiplexer"	"InterVideo® MPEG System Multiplexer Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\ivimux.ax"
+ "InterVideo Pre-scaling Filter"	"InterVideo® PreScale Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\iviscale.ax"
+ "InterVideo PSIP/SI Filter"	"InterVideo PSIP/SI Sections/Tables Filter"	"InterVideo, Inc."	"c:\program files\intervideo\common\bin\psidecod.ax"
+ "InterVideo Still Capture"	"InterVideo® Still Capture Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\iviscapt.ax"
+ "InterVideo Stream Buffer Filter"	"InterVideo Stream Buffer Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\smbuffer.ax"
+ "InterVideo Stream Writer"	"InterVideo© Stream File Writer"	"InterVideo, Inc."	"c:\program files\intervideo\common\bin\stmrite.ax"
+ "InterVideo Time Shift"	"InterVideo Time Shifting Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\ivits.ax"
+ "InterVideo Transport to Program Stream"	"InterVideo© Transport to Program Stream Converter"	"InterVideo, Inc."	"c:\program files\intervideo\common\bin\trtoprog.ax"
+ "InterVideo VBI Decoder"	"InterVideo VBI Decoder Filter"	"InterVideo, Inc."	"c:\program files\intervideo\common\bin\ivvbidec.ax"
+ "InterVideo Video Encoder"	"InterVideo® MPEG Video Encoder Filter"	"InterVideo Inc."	"c:\program files\intervideo\common\bin\ivivenc.ax"
+ "MPEG2 TS Source"	""	""	"c:\program files\intervideo\common\bin\mpgtsrdr.ax"
+ "Multiple File Output"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue"	"WME Record Queue"	"Microsoft Corporation"	"c:\program files\windows media components\encoder\wmedque.dll"
+ "Record Queue"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "Stetch"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "TOSHIBA Audio Decoder DVD"	"TOSHIBA Audio Decoder DVD"	"TOSHIBA Corporation"	"c:\program files\toshiba\toshiba dvd player\tosauddecl.ax"
+ "TOSHIBA Audio Rate Converter"	"TOSHIBA Audio Rate Converter"	"TOSHIBA Corporation"	"c:\program files\common files\toshiba shared\tosarc.ax"
+ "TOSHIBA DualMono"	"TOSHIBA DualMono"	"TOSHIBA Corporation"	"c:\program files\common files\toshiba shared\tosdualmono.ax"
+ "TOSHIBA DVD Navigator"	"TOSHIBA DVD Navigator"	"TOSHIBA Corporation"	"c:\program files\toshiba\toshiba dvd player\tdvdnavi.ax"
+ "TOSHIBA DVD VR Navigator"	"TOSHIBA DVD Player"	"TOSHIBA Corporation"	"c:\program files\toshiba\toshiba dvd player\tvrnavi.ax"
+ "TOSHIBA MPEG-2 Video Decoder (DVD)"	"TOSHIBA DVD Video Decoder Filter"	"TOSHIBA Corporation"	"c:\program files\toshiba\toshiba dvd player\tosmp2dvd.ax"
+ "TOSHIBA Progress Monitor"	"TOSHIBA Progress Monitor"	"TOSHIBA Corporation"	"c:\program files\toshiba\toshiba disc creator\tprogmon.ax"
+ "TOSHIBA WAV Converter"	"TOSHIBA Wav Converter"	"TOSHIBA Corporation"	"c:\program files\toshiba\toshiba disc creator\twavconv.ax"
+ "Ulead Audio Dual Channel Filter"	"Ulead Audio Dual Channel Filter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uaudiodcfilter.ax"
+ "Ulead DV Scene Detect"	"ulDvScDt"	"Ulead system Inc."	"c:\program files\common files\ulead systems\capture\uldvscdt.ax"
+ "Ulead DV Writer"	"ulDVWriter"	"Ulead System Inc."	"c:\program files\common files\ulead systems\capture\uldvrite.ax"
+ "Ulead DVB Parser"	"Ulead DVB Parser Filter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uldvbparser.ax"
+ "Ulead DVD Audio Decoder 2"	"Audio Decoder"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uldvdaudio.ax"
+ "Ulead DVD Navigator"	"DVD Navigator filter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\dvd\uleaddvdnavigator.ax"
+ "Ulead DVD Video decoder 2"	"DVD Video Decoder with DxVA Support"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uldvdvideo.ax"
+ "ULead File Source (Async.)"	"Ulead Async Filter"	"Ulead Systems"	"c:\program files\common files\ulead systems\mpeg\ulasync.ax"
+ "ULead File Writer"	"File Dump Filter"	"ULead Systems"	"c:\program files\common files\ulead systems\filters\uldump.ax"
+ "ULead Infinite Pin Tee"	"Ulead Infinite Tee Filter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uinftee.ax"
+ "Ulead MPEG Audio Decoder"	"Audio Decoder"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uldvdaudio.ax"
+ "Ulead MPEG Encoder"	"MPEG Encoder and Muxer"	"ULead Systems"	"c:\program files\common files\ulead systems\mpeg\ulesmpeg.ax"
+ "Ulead MPEG Muxer"	"MPEG Muxer"	"ULead Systems"	"c:\program files\common files\ulead systems\mpeg\ulmxmpeg.ax"
+ "Ulead MPEG Splitter"	"ULead Mpeg I/II Splitter"	"ULead Systems"	"c:\program files\common files\ulead systems\mpeg\ulspmpeg.ax"
+ "Ulead MPEG Transcoder"	"ulMPGTrans"	"Ulead com"	"c:\program files\common files\ulead systems\mpeg\ulmpgtrans.ax"
+ "Ulead MPEG Video Decoder"	"MPEG Video and Audio Decoder"	"ULead Systems"	"c:\program files\common files\ulead systems\mpeg\uldsmpeg.ax"
+ "Ulead MPEG-4 Audio Decoder"	"MP4 AAC Audio Decoder Filter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uladmp4.ax"
+ "Ulead MPEG-4 Splitter"	"MP4 Splitter Filter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\ulspmp4.ax"
+ "Ulead MPEG-4 Video Decoder"	"MP4 Video Decoder Filter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\ulvdmp4.ax"
+ "Ulead Ogg Parser"	"ulOggParserFilter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uloggparserfilter.ax"
+ "Ulead OggVorbis Decoder"	"ulOggVorbisDecoderFilter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uloggvorbisdecoderfilter.ax"
+ "Ulead OggVorbis Encoder"	"ulOggVorbisEncoderFilter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\uloggvorbisencoderfilter.ax"
+ "Ulead Push Source Filter"	"Ulead Push Source Filter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\ulpushsource.ax"
+ "Ulead Sub-Picture Push Source Filter"	"Ulead Sub-Picture Push Source Filter"	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\mpeg\ulsubpicpushsource.ax"
+ "Ulead Video Deinterlace Filter"	""	"Ulead Systems, Inc."	"c:\program files\common files\ulead systems\filters\deinterlace.ax"
+ "Video Source"	"Windows Media Preview Object"	"Microsoft Corporation"	"c:\program files\windows media components\encoder\wmprevu.dll"
+ "WM VIH2 Fix"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMEnc Screen Capture Filter"	"WMESrcWp Module"	"Microsoft Corporation"	"c:\program files\windows media components\encoder\wmesrcwp.dll"
+ "WMT Audio Analyzer"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume"	"Windows Movie Maker Filters"	"Microsoft Corporation"	"c:\program files\movie maker\wmm2filt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute"	""	""	""
+ "C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync"	"AVG Cache Server"	"AVG Technologies CZ, s.r.o."	"c:\program files\avg\avg10\avgchsvx.exe"
+ "C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart"	"AVG Resident Shield Service"	"AVG Technologies CZ, s.r.o."	"c:\program files\avg\avg10\avgrsx.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"	""	""	""
+ "C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll"	""	""	"File not found: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"	""	""	""
+ "igfxcui"	"igfxdev Module"	"Intel Corporation"	"c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"	""	""	""
+ "mdnsNSP"	"Bonjour Namespace Provider"	"Apple Inc."	"c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"	""	""	""
+ "Canon BJ Language Monitor MP240 series"	"IJ Language Monitor"	"CANON INC."	"c:\windows\system32\cnmlm9h.dll"
+ "Fax Dell V505 Port"	"Print Monitor (Win2k/WinXP)"	""	"c:\windows\system32\dldwpmon.dll"
+ "V505 Port"	"Printer Communication System"	" "	"c:\windows\system32\dldwlmpm.dll"
"C:\Users\Oni\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"	""	""	""
+ "Clock"	"Watch the clock in your own time zone or any city in the world."	"Microsoft Corporation"	"C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"
+ "Feed Headlines"	"Track the latest news, sports, and entertainment headlines."	"Microsoft Corporation"	"C:\Program Files\windows sidebar\gadgets\RSSFeeds.Gadget\en-US\Gadget.xml"
+ "Slide Show"	"Show a continuous slide show of your pictures."	"Microsoft Corporation"	"C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-US\Gadget.xml"