OTL logfile created on: 1/24/2013 9:35:28 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jerry\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.81 Gb Available Physical Memory | 46.20% Memory free
7.83 Gb Paging File | 5.37 Gb Available in Paging File | 68.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 913.66 Gb Total Space | 832.88 Gb Free Space | 91.16% Space Free | Partition Type: NTFS
Drive F: | 372.61 Gb Total Space | 103.79 Gb Free Space | 27.85% Space Free | Partition Type: NTFS

Computer Name: JERRY-DELL | User Name: jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\jerry\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe ()
PRC - C:\ProgramData\ActivePath\ActiveMail\UpdateClient.exe (ActivePath Ltd.)
PRC - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR)
PRC - C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GbR)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
PRC - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
PRC - C:\Users\jerry\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe ()
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\24x7Help\App24x7Svc.exe (PCRx.com, LLC)
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam)
PRC - C:\apache\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - c:\Program Files (x86)\ScriptLogic\Databases\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\WINDOWS\Dell\PanelMgr\SSMMgr.exe ()
PRC - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
PRC - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
PRC - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (SafeNet, Inc.)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\Speaking Clock\spclock.exe (Lux Aeterna Software)
PRC - C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe (Adobe Systems Inc.)

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\07ea9ea39e1fddc8e4fe8850c849309e\System.WorkflowServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\WINDOWS\Dell\PanelMgr\SSMMgr.exe ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\Speaking Clock\voice\American English (female).dll ()

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:[b]64bit:[/b] - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:[b]64bit:[/b] - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:[b]64bit:[/b] - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Samsung UPD Service) -- C:\WINDOWS\SysNative\SUPDSvc.exe (Samsung Electronics CO., LTD.)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AppMgmt) -- C:\WINDOWS\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (vToolbarUpdater14.0.1) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (PDF Architect Helper Service) -- C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR)
SRV - (PDF Architect Service) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GbR)
SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (WINZIPSSDiskOptimizer) -- C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe (WinZip Computing, S.L. (WinZip Computing))
SRV - (DefaultTabUpdate) -- C:\Users\jerry\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe ()
SRV - (ST2012_Svc) -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe (Crawler.com)
SRV - (24x7HelpSvc) -- C:\Program Files (x86)\24x7Help\App24x7Svc.exe (PCRx.com, LLC)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (cphs) -- C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (WajamUpdater) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam)
SRV - (Apache2.2) -- C:\apache\bin\httpd.exe (Apache Software Foundation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (MSSQL$DESKTOPAUTHORITY) -- c:\Program Files (x86)\ScriptLogic\Databases\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (SentinelProtectionServer) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
SRV - (SentinelKeysServer) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
SRV - (SentinelSecurityRuntime) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (SafeNet, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (avgtp) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:[b]64bit:[/b] - (gfibto) -- C:\WINDOWS\SysNative\drivers\gfibto.sys (GFI Software)
DRV:[b]64bit:[/b] - (taphss6) -- C:\WINDOWS\SysNative\drivers\taphss6.sys (Anchorfree Inc.)
DRV:[b]64bit:[/b] - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswRdr) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (NisDrv) -- C:\WINDOWS\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (taphss) -- C:\WINDOWS\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:[b]64bit:[/b] - (sp_rsdrv2) -- C:\WINDOWS\SysNative\drivers\stflt.sys (Windows (R) Win 7 DDK provider)
DRV:[b]64bit:[/b] - (igfx) -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (vpcvmm) -- C:\WINDOWS\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (vpcnfltr) -- C:\WINDOWS\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (vpcbus) -- C:\WINDOWS\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (vpcusb) -- C:\WINDOWS\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\WINDOWS\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\WINDOWS\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (aswNdis) -- C:\WINDOWS\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (pneteth) -- C:\WINDOWS\SysNative\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV:[b]64bit:[/b] - (LMouFilt) -- C:\WINDOWS\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:[b]64bit:[/b] - (LEqdUsb) -- C:\WINDOWS\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV:[b]64bit:[/b] - (LHidFilt) -- C:\WINDOWS\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:[b]64bit:[/b] - (LHidEqd) -- C:\WINDOWS\SysNative\drivers\LHidEqd.sys (Logitech, Inc.)
DRV:[b]64bit:[/b] - (RTL8167) -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:[b]64bit:[/b] - (PSoCUSB) -- C:\WINDOWS\SysNative\drivers\cypress\miniprog3\PSoCUSB.sys (Cypress Semiconductor)
DRV:[b]64bit:[/b] - (CnxtHdAudService) -- C:\WINDOWS\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:[b]64bit:[/b] - (ssadbus) -- C:\WINDOWS\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RMCAST) -- C:\WINDOWS\SysNative\drivers\rmcast.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (netvsc) -- C:\WINDOWS\SysNative\drivers\netvsc60.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (dmvsc) -- C:\WINDOWS\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SynthVid) -- C:\WINDOWS\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MEIx64) -- C:\WINDOWS\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (IntcDAud) -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:[b]64bit:[/b] - (htcnprot) -- C:\WINDOWS\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:[b]64bit:[/b] - (PxHlpa64) -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:[b]64bit:[/b] - (HTCAND64) -- C:\WINDOWS\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:[b]64bit:[/b] - (Sentinel64) -- C:\WINDOWS\SysNative\drivers\sentinel64.sys (SafeNet, Inc.)
DRV:[b]64bit:[/b] - (SSPORT) -- C:\WINDOWS\SysNative\drivers\SSPORT.sys (Samsung Electronics)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\WINDOWS\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (ROOTMODEM) -- C:\WINDOWS\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (usb_rndisx) -- C:\WINDOWS\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (USB_RNDIS_VISTA) -- C:\WINDOWS\SysNative\drivers\usb8023.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\WINDOWS\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (DgiVecp) -- C:\WINDOWS\SysNative\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV:[b]64bit:[/b] - (pnetmdm) -- C:\WINDOWS\SysNative\drivers\pnetmdm64.sys (June Fabrics Technology)
DRV:[b]64bit:[/b] - (WimFltr) -- C:\WINDOWS\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (MRESP50) -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MREMP50) -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (WIMMount) -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0CzzzzyDtDzzyDtDyC0BtN0D0Tzu0CtBtDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=261313562
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=114&systemid=406&sr=0&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2437}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0CzzzzyDtDzzyDtDyC0BtN0D0Tzu0CtBtDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=261313562
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0CzzzzyDtDzzyDtDyC0BtN0D0Tzu0CtBtDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=261313562
IE - HKLM\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWin0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2437}
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=02594994-a960-47f9-9d77-9fa87b86da1a&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2E93BB57-586F-0A79-54A1-3B2924EDE487}: "URL" = http://www.searchqu.com/web?src=ieb&appid=GAW&systemid=437&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=114&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2437}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0CzzzzyDtDzzyDtDyC0BtN0D0Tzu0CtBtDyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=261313562
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylon.com/?affID=109935&tt=060612_5_&babsrc=HP_ss&mntrId=e61e506b000000000000d4bed9c88508
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=02594994-a960-47f9-9d77-9fa87b86da1a&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=02594994-a960-47f9-9d77-9fa87b86da1a&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bayoftheholyspirit.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.facebook.com/#!/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=02594994-a960-47f9-9d77-9fa87b86da1a&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=02594994-a960-47f9-9d77-9fa87b86da1a&searchtype=ds&q={searchTerms}
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=02594994-a960-47f9-9d77-9fa87b86da1a&searchtype=ds&q={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=44444&tt=040912_mnt_3612_7&babsrc=SP_ss&mntrId=e61e506b000000000000d4bed9c88508
IE - HKCU\..\SearchScopes\{196CB35C-F5C6-49DE-99B2-C945068463FF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{1D54F4FE-DD03-4F30-8C0A-E9357382A69F}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3106777
IE - HKCU\..\SearchScopes\{2E93BB57-586F-0A79-54A1-3B2924EDE487}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=109935&tt=060612_5_&babsrc=SP_ss&mntrId=e61e506b000000000000d4bed9c88508
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = https://search.blekko.com/ws/?source=fd56a584&tbp=rbox&toolbarid=searchcom_003&u=20120423DFC848AB86060230C636E37D&q={searchTerms}
IE - HKCU\..\SearchScopes\{408017F0-9B7D-4D5E-A5EA-7A6A8918214C}: "URL" = http://www.mysearchresults.com/search?&c=2635&t=03&q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={D41CC0CA-68E6-485F-B176-C8A22F0ED1A7}&mid=fe0527c9b16547d08e34d12949cbf00e-f6aefa65952f8f697c4794d1cb570dfb3f7f47a4&lang=en&ds=pd011&pr=sa&d=2012-09-11 10:40:03&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=114&systemid=406&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2437}: "URL" = http://www.searchqu.com/web?src=ieb&appid=GAW&systemid=437&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = http://www.amazon.com/websearch/ref=bit_bds-p18_serp_ie_us_display?ie=UTF8&tag=bds-p18-serp-us-ie-20&tagbase=bds-p18&tbrId=v1_abb-channel-18_48fec8b9ba464822ae4adc6a76ac6239_18_38_20121129_US_ie_ds_OC1&query={searchTerms}
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80308&lng=en
IE - HKCU\..\SearchScopes\{D9DAC5B9-7C7F-4070-BBC5-53D5FC7EB29C}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AD&o=101997&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=K9&apn_dtid=YYYYYYYYUS&apn_uid=3173C7CF-CA69-42CC-B581-C5114E705948&apn_sauid=60E36DAB-60D3-4356-A958-D4634C7C8827
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tightropeinteractive.com/Plugin: C:\Users\jerry\AppData\Local\Tightrope\TNT2\npTNT2.dll (Tightrope)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\jerry\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gtffxtbr@GamingWonderland.com: C:\Program Files (x86)\GamingWonderland\bar\1.bin [2012/05/22 09:04:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2012/04/24 18:15:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\siteranker@siteranker.com: C:\Program Files (x86)\SiteRanker\firefox\ [2012/05/11 08:57:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbdownloader@KMcore: C:\Program Files (x86)\SDIV 2.0\Lib\xpi [2012/05/14 13:04:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/07 08:06:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14 [2013/01/24 08:18:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012/11/29 11:27:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/12 10:13:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012/12/12 10:13:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/22 14:16:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/01/13 08:35:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/22 14:16:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/01/13 08:35:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012/08/16 09:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jerry\AppData\Roaming\mozilla\Extensions
[2013/01/16 14:23:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\l6iynxxx.default\extensions
[2012/09/10 10:02:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\l6iynxxx.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2012/10/16 14:35:32 | 000,000,000 | ---D | M] (ActiveMail) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\l6iynxxx.default\extensions\activemail@activepath.com
[2013/01/16 14:23:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\l6iynxxx.default\extensions\staged
[2013/01/22 14:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\q3c6h38q.default-1347292834700\extensions
[2013/01/22 14:15:45 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\q3c6h38q.default-1347292834700\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2013/01/20 08:48:58 | 000,000,000 | ---D | M] (Hotspot Shield) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\q3c6h38q.default-1347292834700\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2012/12/29 15:12:46 | 000,000,000 | ---D | M] (SaveByclick) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\q3c6h38q.default-1347292834700\extensions\50df5db089d32@50df5db089d6b.com
[2012/10/16 14:35:36 | 000,000,000 | ---D | M] (ActiveMail) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\q3c6h38q.default-1347292834700\extensions\activemail@activepath.com
[2013/01/22 14:15:49 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\q3c6h38q.default-1347292834700\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/09/25 11:11:31 | 000,000,000 | ---D | M] (SelectionLinks) -- C:\Users\jerry\AppData\Roaming\mozilla\Firefox\Profiles\q3c6h38q.default-1347292834700\extensions\plugin@selectionlinks.com
[2012/12/01 15:32:33 | 000,491,479 | ---- | M] () (No name found) -- C:\Users\jerry\AppData\Roaming\mozilla\firefox\profiles\q3c6h38q.default-1347292834700\extensions\abb@amazon.com.xpi
[2012/12/19 15:27:32 | 000,052,190 | ---- | M] () (No name found) -- C:\Users\jerry\AppData\Roaming\mozilla\firefox\profiles\q3c6h38q.default-1347292834700\extensions\fabtab@captaincaveman.nl.xpi
[2012/12/19 15:15:34 | 000,455,379 | ---- | M] () (No name found) -- C:\Users\jerry\AppData\Roaming\mozilla\firefox\profiles\q3c6h38q.default-1347292834700\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2012/11/23 12:40:35 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\jerry\AppData\Roaming\mozilla\firefox\profiles\q3c6h38q.default-1347292834700\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/21 09:12:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/06 12:04:24 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/24 08:16:17 | 000,003,593 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/09/05 09:43:30 | 000,002,359 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/09/05 19:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/02 09:20:57 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/04/23 11:33:27 | 000,002,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2012/08/15 09:01:24 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012/10/12 08:14:53 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

[color=#E56717]========== Chrome ==========[/color]

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (ActiveMail) - {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO64.dll (ActivePath Ltd.)
O2:[b]64bit:[/b] - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files (x86)\SiteRanker\SiteRank.dll (Crawler, LLC)
O2 - BHO: (Search.com searchbox) - {25f91356-743d-4a72-85bf-c49033ffa72b} - C:\Program Files (x86)\searchcom_003\searchcom_001X.dll ()
O2 - BHO: (no name) - {300BEC06-B743-4D19-86B9-11DC711D7FFB} - No CLSID value found.
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (WinZipBar Toolbar) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWin0.dll (Conduit Ltd.)
O2 - BHO: (FBDownloader BHO) - {553318DA-D010-469E-84B1-496563CAE1BF} - C:\Program Files (x86)\HTTO Group, Ltd\FBDownloader IE Add-on\FBDownloader.dll (HTTO Group, Ltd)
O2 - BHO: (Bucksbee Loyalty Plugin - Guppy Media) - {652B399A-4CE6-ADF4-C9A0-DAE7374EE2FE} - C:\Program Files (x86)\Bucksbee Loyalty Plugin - Guppy Media\BucksBee Loyalty Plugin.dll (Freecause Inc.)
O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - No CLSID value found.
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\jerry\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.)
O2 - BHO: (no name) - {ab5d199e-9659-47a2-930b-fc3b69061353} - No CLSID value found.
O2 - BHO: (no name) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No CLSID value found.
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ActiveMail) - {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO.dll (ActivePath Ltd.)
O2 - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (Search.com searchbox) - {25f91356-743d-4a72-85bf-c49033ffa72b} - C:\Program Files (x86)\searchcom_003\searchcom_001X.dll ()
O3 - HKLM\..\Toolbar: (no name) - {4EBB7828-9766-48AD-8230-7E6B03E01F51} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WinZipBar Toolbar) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O3 - HKLM\..\Toolbar: (Amazon Browser Bar) - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:HKU - HKCU\..\Toolbar\WebBrowser: (Search.us.com Toolbar) - {4EBB7828-9766-48AD-8230-7E6B03E01F51} - C:\Users\jerry\AppData\Local\Tightrope\TNT2\ietoolbar.dll (Freshy.com)
O3 - HKCU\..\Toolbar\WebBrowser: (WinZipBar Toolbar) - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - C:\Program Files (x86)\WinZipBar\prxtbWin0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4:[b]64bit:[/b] - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [ADBlocker] C:\Program Files (x86)\anvisoft\Anvi AD Blocker\ADBlockerTray.exe -tray File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell PanelMgr] C:\WINDOWS\Dell\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE (Corel Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\jerry\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Speaking Clock Lite] C:\Program Files (x86)\Speaking Clock\spclock.exe (Lux Aeterna Software)
O4 - Startup: C:\Users\jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Copy to &Lightning Note - c:\Program Files (x86)\Corel\WordPerfect Lightning\Programs\WPLightningCopyToNote.hta ()
O8:[b]64bit:[/b] - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Copy to &Lightning Note - c:\Program Files (x86)\Corel\WordPerfect Lightning\Programs\WPLightningCopyToNote.hta ()
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta ()
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab (Launcher Class)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/PCMagnum/controls/PCPitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06B976E5-47C4-44A1-A269-34D58F1AF18A}: DhcpNameServer = 192.168.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D344855-CD3F-428E-B08D-0A101CE60B47}: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\cozi - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\inbox - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll ()
O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013/01/07 08:56:59 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/01/22 14:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus [2013/01/22 14:22:53 | 000,000,000 | ---D | C] -- C:\Users\jerry\AppData\Roaming\LavasoftStatistics [2013/01/22 14:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus [2013/01/22 14:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2013/01/22 14:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus [2013/01/22 14:16:53 | 000,047,496 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe [2013/01/22 14:16:53 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys [2013/01/22 14:16:01 | 000,000,000 | ---D | C] -- C:\Users\jerry\AppData\Local\adawarebp [2013/01/22 14:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection [2013/01/22 14:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner [2013/01/22 14:15:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb [2013/01/22 14:14:19 | 000,000,000 | ---D | C] -- C:\Users\jerry\AppData\Roaming\Ad-Aware Antivirus [2013/01/20 08:44:59 | 
000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2013/01/20 08:44:51 | 000,103,936 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll [2013/01/20 08:44:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator [2013/01/18 09:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005 [2013/01/18 09:43:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SQL Server Setup [2013/01/18 09:42:54 | 000,000,000 | ---D | C] -- C:\Users\jerry\AppData\Local\ApplicationHistory [2013/01/18 09:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScriptLogic [2013/01/18 09:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013/01/18 09:36:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP [2013/01/17 10:23:29 | 000,000,000 | ---D | C] -- C:\Users\jerry\Documents\webbackup [2013/01/16 14:21:05 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2013/01/15 11:31:46 | 000,000,000 | ---D | C] -- C:\_OTL [2013/01/15 10:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\XoftSpySE [2013/01/13 08:35:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013/01/10 13:44:02 | 000,042,184 | ---- | C] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys [2013/01/10 13:33:50 | 000,042,696 | ---- | C] (AnchorFree Inc.) 
-- C:\Windows\SysNative\drivers\hssdrv6.sys [2013/01/10 10:37:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/01/10 10:37:24 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/01/10 10:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/01/09 11:49:23 | 000,000,000 | ---D | C] -- C:\Users\jerry\Documents\Redirected to i.trkjmp.com Virus How to Remove Browser Hijacker _ PC Problem Fix_files [2013/01/08 12:35:29 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\04670863.sys [2013/01/08 11:34:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013/01/07 10:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013/01/07 09:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2013/01/07 09:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2013/01/07 08:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013/01/07 08:55:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2013/01/04 10:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft [2013/01/01 12:42:53 | 000,000,000 | ---D | C] -- C:\Users\jerry\AppData\Roaming\24x7 Help [2013/01/01 11:41:58 | 000,776,192 | ---- | C] (Motive Systems) -- C:\Windows\MFRes_7_0_2589_6.dll [2012/12/29 14:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveByclick [2012/12/28 15:35:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alibre PhotoRender [2012/12/28 09:29:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alibre Design [2012/12/28 09:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\Alibre Design [2012/03/29 20:14:52 | 000,332,144 | ---- | C] (Corel) -- C:\Program Files (x86)\Common Files\MediaOrganizer.dll [2012/03/29 20:14:52 | 
000,033,136 | ---- | C] (Corel-V1E) -- C:\Program Files (x86)\Common Files\FlickrProvider.dll [2012/03/29 20:14:51 | 000,465,264 | ---- | C] (Corel) -- C:\Program Files (x86)\Common Files\AppFramework.dll [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Users\jerry\*.tmp files -> C:\Users\jerry\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/01/24 09:38:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2013/01/24 09:35:00 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\ActiveMail Chrome Watcher.job [2013/01/24 09:33:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2013/01/24 09:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/01/24 08:56:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/01/24 08:37:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2210559641-1880241116-1518061268-1001UA.job [2013/01/24 08:37:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2210559641-1880241116-1518061268-1001Core.job [2013/01/24 08:24:39 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/24 08:24:38 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/24 08:18:51 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013/01/24 08:17:38 | 000,025,600 | ---- | M] () -- C:\Users\jerry\Documents\jan2013.qpw [2013/01/24 08:15:09 | 000,005,278 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2013/01/24 08:14:46 | 000,037,720 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys [2013/01/24 08:14:16 | 000,001,906 | ---- | M] () -- 
C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk [2013/01/24 08:13:27 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/01/24 08:12:50 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\ActiveMail Updater.job [2013/01/24 08:12:25 | 000,000,516 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job [2013/01/24 08:10:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/01/24 08:10:26 | 3152,523,264 | -HS- | M] () -- C:\hiberfil.sys [2013/01/23 09:50:17 | 000,119,173 | ---- | M] () -- C:\Users\jerry\Documents\pio60.pdf [2013/01/22 14:16:52 | 000,047,496 | ---- | M] (GFI Software) -- C:\Windows\SysNative\sbbd.exe [2013/01/22 14:16:52 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys [2013/01/22 12:00:11 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\CypressUpdateManager.job [2013/01/21 12:03:40 | 000,095,575 | ---- | M] () -- C:\Users\jerry\Documents\CHild reams.pdf [2013/01/20 08:44:59 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk [2013/01/19 08:54:55 | 000,811,568 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/01/19 08:54:55 | 000,717,932 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/01/19 08:54:55 | 000,144,402 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/01/18 09:43:04 | 000,000,093 | ---- | M] () -- C:\Users\jerry\AppData\Local\fusioncache.dat [2013/01/17 12:16:10 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job [2013/01/16 14:22:53 | 000,001,000 | ---- | M] () -- C:\Users\Public\Desktop\7-zip.lnk [2013/01/16 12:33:57 | 000,225,317 | ---- | M] () -- C:\Users\jerry\Malware Removal Guide for Windows.pdf [2013/01/15 09:37:53 | 002,813,721 | ---- | M] () -- C:\Users\jerry\Documents\13_3 Bo Ex 10 1 to 13 16.pdf [2013/01/13 18:00:00 | 000,000,492 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job [2013/01/13 09:31:20 | 000,002,116 | ---- | M] () -- 
C:\Users\jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk [2013/01/13 09:07:44 | 000,002,058 | ---- | M] () -- C:\Users\jerry\Desktop\WYSIWYG Web Builder 8.lnk [2013/01/13 09:05:44 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe [2013/01/12 15:47:45 | 000,087,911 | ---- | M] () -- C:\Users\jerry\Documents\jannl2013l.pdf [2013/01/12 11:27:50 | 000,001,956 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2013/01/12 11:27:36 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013/01/11 11:39:42 | 000,103,936 | ---- | M] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll [2013/01/10 14:56:08 | 000,000,464 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3.job [2013/01/10 14:56:08 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Pro.job [2013/01/10 13:44:02 | 000,042,184 | ---- | M] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys [2013/01/10 13:33:50 | 000,042,696 | ---- | M] (AnchorFree Inc.) 
-- C:\Windows\SysNative\drivers\hssdrv6.sys [2013/01/10 12:03:15 | 000,523,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/01/10 11:59:21 | 000,774,812 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/01/10 09:25:42 | 000,002,057 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2013/01/09 11:52:06 | 000,048,180 | ---- | M] () -- C:\Users\jerry\Documents\Redirected to i.trkjmp.com Virus How to Remove Browser Hijacker _ PC Problem Fix.htm [2013/01/08 12:35:30 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\04670863.sys [2013/01/07 10:24:57 | 000,017,399 | ---- | M] () -- C:\Users\jerry\Documents\BAY OF THE HOLY SPIRITFor such a time as this.pdf [2013/01/07 09:30:48 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2013/01/07 08:56:59 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2013/01/07 08:26:29 | 000,160,951 | ---- | M] () -- C:\Users\jerry\Documents\pio59.pdf [2013/01/01 11:14:49 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI [2012/12/29 14:59:00 | 000,009,049 | ---- | M] () -- C:\Users\jerry\Documents\HOLYIt is all about holiness.pdf [2012/12/28 09:29:59 | 000,001,127 | ---- | M] () -- C:\Users\Public\Desktop\Alibre Design.lnk [2012/12/26 08:56:54 | 000,157,039 | ---- | M] () -- C:\Users\jerry\Documents\12_12 Vayechi Gen 47 28 to 50 26.pdf [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Users\jerry\*.tmp files -> C:\Users\jerry\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/01/24 08:18:51 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013/01/23 09:50:16 | 000,119,173 | ---- | C] () -- C:\Users\jerry\Documents\pio60.pdf [2013/01/22 14:17:35 | 000,001,906 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk [2013/01/20 08:44:59 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk 
[2013/01/20 08:42:05 | 000,095,575 | ---- | C] () -- C:\Users\jerry\Documents\CHild reams.pdf [2013/01/18 09:43:04 | 000,000,093 | ---- | C] () -- C:\Users\jerry\AppData\Local\fusioncache.dat [2013/01/16 14:22:53 | 000,001,000 | ---- | C] () -- C:\Users\Public\Desktop\7-zip.lnk [2013/01/16 12:33:55 | 000,225,317 | ---- | C] () -- C:\Users\jerry\Malware Removal Guide for Windows.pdf [2013/01/16 09:50:59 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\ActiveMail Updater.job [2013/01/16 09:50:56 | 000,000,396 | ---- | C] () -- C:\Windows\tasks\ActiveMail Chrome Watcher.job [2013/01/15 09:37:51 | 002,813,721 | ---- | C] () -- C:\Users\jerry\Documents\13_3 Bo Ex 10 1 to 13 16.pdf [2013/01/12 15:47:44 | 000,087,911 | ---- | C] () -- C:\Users\jerry\Documents\jannl2013l.pdf [2013/01/10 14:37:27 | 000,000,492 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Registration3.job [2013/01/10 14:37:10 | 000,000,516 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job [2013/01/10 14:37:09 | 000,000,464 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Update Version3.job [2013/01/10 14:37:07 | 000,000,420 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Pro.job [2013/01/10 09:25:42 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2013/01/09 11:49:22 | 000,048,180 | ---- | C] () -- C:\Users\jerry\Documents\Redirected to i.trkjmp.com Virus How to Remove Browser Hijacker _ PC Problem Fix.htm [2013/01/07 10:24:56 | 000,017,399 | ---- | C] () -- C:\Users\jerry\Documents\BAY OF THE HOLY SPIRITFor such a time as this.pdf [2013/01/07 09:30:48 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif [2013/01/07 09:30:36 | 000,002,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2013/01/07 08:56:59 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2013/01/07 08:26:28 | 000,160,951 | ---- | C] () -- C:\Users\jerry\Documents\pio59.pdf [2013/01/01 11:14:49 | 000,000,193 | ---- | C] () -- 
C:\Windows\WORDPAD.INI [2012/12/29 14:58:59 | 000,009,049 | ---- | C] () -- C:\Users\jerry\Documents\HOLYIt is all about holiness.pdf [2012/12/28 09:29:59 | 000,001,127 | ---- | C] () -- C:\Users\Public\Desktop\Alibre Design.lnk [2012/12/26 08:56:51 | 000,157,039 | ---- | C] () -- C:\Users\jerry\Documents\12_12 Vayechi Gen 47 28 to 50 26.pdf [2012/12/24 15:24:43 | 000,001,728 | ---- | C] () -- C:\Users\jerry\.recently-used.xbel [2012/12/22 16:15:16 | 000,021,960 | ---- | C] () -- C:\Users\jerry\bohs-shortnote.svg [2012/12/04 14:11:11 | 000,013,042 | ---- | C] () -- C:\Users\jerry\drawing-1.svg [2012/12/04 13:51:55 | 000,224,630 | ---- | C] () -- C:\Users\jerry\path2991.bmp [2012/12/04 13:49:21 | 000,006,370 | ---- | C] () -- C:\Users\jerry\drawing.svg [2012/12/04 13:48:44 | 000,033,254 | ---- | C] () -- C:\Users\jerry\path2991.png [2012/11/08 12:45:32 | 000,030,132 | ---- | C] () -- C:\Users\jerry\rect2991.png [2012/10/09 15:10:54 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll [2012/10/09 14:59:32 | 000,000,100 | ---- | C] () -- C:\Windows\1FB169BC-703B-4282-BD96-2CCF743D3814.ini [2012/10/09 14:40:21 | 000,000,036 | ---- | C] () -- C:\ProgramData\InstallAlibre.config [2012/09/13 14:03:14 | 000,000,254 | ---- | C] () -- C:\Users\jerry\.ImageJ_3D_Viewer.props [2012/08/24 16:24:39 | 000,000,000 | ---- | C] () -- C:\Users\jerry\AppData\Local\rx_image32.Cache [2012/08/06 10:20:16 | 000,102,248 | ---- | C] () -- C:\Users\jerry\GoToAssistDownloadHelper.exe [2012/07/26 08:09:51 | 000,384,844 | ---- | C] () -- C:\Users\jerry\AppData\Local\funmoods-speeddial.crx [2012/07/11 11:35:01 | 000,000,703 | ---- | C] () -- C:\Users\jerry\AppData\Local\recently-used.xbel [2012/06/25 11:38:47 | 000,484,592 | ---- | C] () -- C:\Windows\SSndii.exe [2012/04/24 15:13:31 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\nnr.dll [2012/04/16 13:40:32 | 000,258,864 | ---- | C] () -- C:\Windows\SUPDRun.exe [2012/04/09 09:56:17 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat 
[2012/04/06 14:26:36 | 000,000,008 | RHS- | C] () -- C:\ProgramData\9952AE61A1.sys
[2012/04/05 13:49:41 | 000,002,955 | ---- | C] () -- C:\Users\jerry\AppData\Roaming\SAS7_000.DAT
[2012/03/29 20:14:52 | 000,130,416 | ---- | C] () -- C:\Program Files (x86)\Common Files\PluginCommon.dll
[2012/03/29 20:14:51 | 000,402,800 | ---- | C] () -- C:\Program Files (x86)\Common Files\facebook.dll
[2012/03/29 20:14:51 | 000,148,177 | ---- | C] () -- C:\Program Files (x86)\Common Files\BookViewer.xap
[2012/03/27 15:35:45 | 000,003,584 | ---- | C] () -- C:\Users\jerry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/27 14:01:04 | 000,000,157 | ---- | C] () -- C:\Users\jerry\AppData\Roaming\cntp.ini
[2012/03/27 14:00:22 | 000,002,808 | ---- | C] () -- C:\Users\jerry\AppData\Roaming\cntp.nws
[2012/03/27 13:07:26 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/03/27 07:36:06 | 000,005,305 | ---- | C] () -- C:\Users\jerry\AppData\Roaming\flexadmin.xml
[2012/03/27 07:28:17 | 000,005,278 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/03/19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/19 21:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/03/16 01:41:21 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/02/10 08:33:46 | 000,811,568 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013/01/01 12:42:53 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\24x7 Help
[2013/01/22 15:29:23 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Ad-Aware Antivirus
[2013/01/10 15:21:11 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Alibre Design
[2012/11/29 11:28:00 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\APP_NAME_NON_STRING
[2012/04/02 13:41:01 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Avery
[2012/08/23 06:40:16 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\AVG
[2012/04/27 14:37:56 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Babylon
[2012/11/17 10:37:23 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Blender Foundation
[2012/03/27 12:27:18 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Blio
[2012/10/09 08:19:11 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\CadSoft
[2012/04/02 18:46:04 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/09/02 08:57:25 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\DefaultTab
[2012/04/02 19:18:54 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\DriverCure
[2012/06/18 11:17:23 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\driveridentifier
[2012/03/29 09:21:59 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\eFax Messenger
[2012/11/14 13:30:22 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\eMachineShop
[2012/03/26 19:00:21 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Fingertapps
[2012/04/09 14:59:54 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\funkitron
[2013/01/16 15:15:24 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\GlobalSCAPE
[2013/01/01 11:40:12 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\inkscape
[2012/03/29 09:22:15 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\j2 Global
[2012/03/28 13:16:49 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Leadertech
[2012/04/05 13:25:42 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Nuance
[2012/11/29 11:27:12 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\OpenCandy
[2012/05/17 13:03:58 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\OpenOffice.org
[2012/04/10 08:05:06 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\PC Cleaners
[2012/03/28 11:37:02 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\PCDr
[2012/08/06 09:18:44 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\PCPro
[2012/12/04 09:57:12 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\PDF Architect
[2013/01/20 08:44:59 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\pdfforge
[2012/11/06 10:58:35 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\PGP
[2012/12/10 15:41:02 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\pim
[2012/12/10 15:41:01 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\PTC Download
[2012/06/17 15:59:30 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Samsung
[2012/04/24 19:12:50 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\searchcom_001
[2012/04/24 19:12:58 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\searchcom_003
[2012/09/24 07:32:46 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Soft Solutions
[2012/04/02 19:18:54 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\SpeedyPC Software
[2012/07/28 09:38:48 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Spyware Terminator
[2012/03/26 19:46:35 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Thunderbird
[2012/12/04 11:53:45 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\Unigraphics Solutions
[2012/07/26 11:19:16 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\WinZip
[2012/04/09 10:01:24 | 000,000,000 | ---D | M] -- C:\Users\jerry\AppData\Roaming\ZinioReader4

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Files - Unicode (All) ==========[/color]

[2012/04/01 10:04:39 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?§) -- C:\Windows\SysNative\좠§
[2012/04/01 10:04:39 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?§) -- C:\Windows\SysNative\좠§

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 965 bytes -> C:\Users\jerry\Documents\FW Look out new world in the morning and it is not good.eml:OECustomProperty
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:F35A93AD
@Alternate Data Stream - 143 bytes -> C:\Users\jerry\AppData\Roaming\cntp.nws:OECustomProperty
@Alternate Data Stream - 1189 bytes -> C:\Users\jerry\Documents\OBAMA LAWYER ADMITS FORGERY BUT DISREGARDS 'IMAGE' AS INDICATION OF OBAMA'S INELIGIBILITY.eml:OECustomProperty
@Alternate Data Stream - 1035 bytes -> C:\Users\jerry\Documents\[revival] A.W. TOZER WRITES....eml:OECustomProperty

< End of report >